Help Center/ Cloud Bastion Host/ User Guide/ Logging In to the CBH System/ Using a Web Browser to Log In to Your Bastion Host
Updated on 2024-09-24 GMT+08:00
View PDF
Share

Using a Web Browser to Log In to Your Bastion Host

You can use mainstream browsers to log in to your bastion host for system management and resource O&M. Web browsers are recommended for system administrator admin or other administrators to manage the system and audit authorization.

Browser-based logins can be authenticated by password, SMS message, mobile OTP, USB key, or OTP token.

  • First-time login users are required to bind a mobile number for password resetting.
  • You can select Local Login, IAM Login (available in V3.3.44.0 or later), or Admin Login (available in V3.3.52.1 or later, but not supported by Kunpeng PBH). If you select IAM Login or Admin Login, no password is required.

Prerequisites

An EIP has been bound to your bastion host.

Procedure

  1. Enter the IP address of your bastion host in the address box of your browser to access the login page.

    URL: https:// EIP of your bastion host, for example, https://10.10.10.10.

    Use supported browsers to access your bastion host. In an incompatible browser, the login verification message may fail to be sent to you, or exceptions may occur after you log in. For recommended browsers, see Restrictions on Using a Bastion Host.

  2. Select a login authentication method.

    Figure 1 Bastion host system login page

  3. Enter credentials required by the login method you chose.

    The following content walks you through how to log in to your bastion host using different authentication methods.

Using Static Passwords for Logging

  1. Select Password.
  2. Enter the username and password of your account.
  3. Click Login.

    Figure 2 Password authentication

Using SMS Verification for Logging

Before you start, ensure that your mobile number can receive SMS messages.

  1. Select SMS.
  2. Enter the username and password of your PBH account.
  3. Click Send code and enter the 6-digit OTP token in the received SMS message.
  4. Click Login.

    Figure 3 SMS authentication

Using Mobile OTPs for Logging

Before your start, ensure that the time on your mobile phone must be the same as that in your bastion host, accurate to seconds.

The mobile phone token applet for your bastion host is stored in the applet cache. The applet cache may be cleared mistakenly in the background.

It is recommended that you save the QR code image when applying for a mobile phone token. If the preceding situation occurs, scan the QR code again.

  1. Select OTP.
  2. Enter the username and password of your account.
  3. Start the token client on your mobile phone, obtain the 6-digit OTP, and enter it in the OTP text box.
  4. Click Login.

    Figure 4 OTP authentication

Login Through USB Key Authentication

  1. Select USBKey.
  2. Insert your USB key. The bastion host automatically identifies the USB key.
  3. Enter the PIN code displayed on your USB key.
  4. Click Login.

    Figure 5 USB key authentication

Using OTP Tokens for Logging

  1. Select OTP token.
  2. Enter the username and password of your account.
  3. Obtain the 6-digit OTP from the issued hardware token and enter it in the OTP token text box.
  4. Click Login.

    Figure 6 OTP token authentication

Login Through Azure AD Authentication

  1. Click the Azure AD login link to go to the Microsoft Azure login page.
  2. Enter the username and password of your Microsoft Azure account as prompted.

    Your login name must contain the email address suffix, for example, zhang@example.com.

  3. Click Login.