Help Center> Cloud Bastion Host> User Guide> Operation> Host Operation> Logging In to Resources Using an SSH Client for O&M
Updated on 2023-04-11 GMT+08:00
View PDF

Logging In to Resources Using an SSH Client for O&M

CBH gives you the ability to use an SSH client to manage your host resources without changing your habits of using your original SSH client. In addition, the command rules and operation audit function are still available.

This topic uses Xshell as an example to describe how to use an SSH client to log in to a resource for O&M and how to download the configuration file of the resource.

Constraints

  • Logging using an SSH client is used only for hosts using the SSH, Telnet, or Rlogin protocol. For hosts using the Rlogin protocol, only an SSH client can be used for login.
  • Supported SSH clients include SecureCRT 8.0 or later, Xshell 5 or later, PuTTY, and MAC Terminal 2.0 or later.

Prerequisites

  • You have the management permissions for the Host Operation module.
  • You have obtained the access permissions for the resources.
  • You have installed the client tool.
  • The network connection between the managed host and the system is normal, and the account username and password for logging in to the managed host are correct.

Procedure

  1. Start the local client tool Xshell and choose File > New to create a user session.
  2. Configure session connections.

    • Method 1
      1. Set Protocol Type to SSH, enter the elastic IP address of the CBH instance, set Port to 2222, and click OK.
      2. Enter the username of the CBH instance and click Connect.
    • Method 2:

      In the newly opened blank session window, run a command in the following format: Protocol type User login name@System login IP address Port number, for example, ssh admin@10.10.10.10 2222.

    • Method 3

      In the live session window of a Linux host, run a command in the following format: Protocol type User login name@System login IP address-p Port number, for example, ssh admin@10.10.10.10 -p 2222.

  3. Verify user identity.

    • Select Password, enter your password, and click OK.
    • Select Public Key, select a user key from the Browse drop-down list, enter the password, and click OK.

      After the authentication is successful, the user can use the SSH client to log in to the CBH system without having to enter a password.

  4. Log in to the CBH system.

    If an SSH client is used, password, SMS message, mobile token, and OTP can be used for login identity authentication. To use mobile SMS message, mobile OTP, and OTP authentication methods, configure multifactor verification. For details, see Configuring User Login Restrictions.

    • Mobile SMS: After logging in to the system using the local password, select Mobile SMS for Multifactor Verification, and enter the SMS verification code.
    • Mobile OTP: After logging in to the system using the local password, select Mobile OTP and enter the dynamic password of the mobile phone token.
    • One-Time password: After logging in to the CBH system using the local password, select OTP and enter the dynamic token verification code.

  5. Import multiple accounts of a managed host.

    Decompress the configuration file package, open the readme.txt file, and import accounts by referring to the guide.

  6. Log in to the managed host using an account.

    Select the account to be used for logging, enter the password of the system user, and log in to the host for O&M.

Downloading Host Configuration File

To import host resources in batches using the SSH client, download the configuration files of the hosts to be imported.

  1. Log in to the CBH system using a web browser.
  2. Choose Operation > Host Operation to go to the Host Operation page.
  3. Click Export Host Configuration.
  4. Select the configuration file of the client and click OK to download the configuration file.

    Figure 1 Export Host Configuration

Parent topic: Host Operation