Bastion Host

January 22, 2024 | seedling, permanent

tags :

Security #

ref

A bastion host is a server used to manage access to an internal or private network from an external network - sometimes called a jump box or jump server.
Because bastion hosts often sit on the Internet, they typically run a minimum amount of services in order to reduce their attack surface.
They are also commonly used to proxy and log communications, such as SSH sessions.

OCI #

youtube

Youtube: How to Configure Oracle Cloud Infrastructure (OCI) Bastion Service

Two types of SSH sessions are possible:

Bastions are Oracle-managed (Fully Managed) services. You use a bastion to create Secure Shell (SSH) sessions that provide access to other private resources. But you can’t connect directly to a bastion with SSH and administer or monitor it like a traditional host.

connecting to Bastion Host of OCI with ZSH of macOS #

append to the copied command -o PubkeyAcceptedKeyTypes=ssh-rsa -vvv

ssh -i <privateKey> -N -L <localPort>:10.1.1.200:3306 -p 22 ocid1.bastionsession.oc1.me-jeddah-1.amaaaaaadcnn6mqau3txtqj3foobvgciltk5vfkjsaje2xchao5aek5lv2wa@host.bastion.me-jeddah-1.oci.oraclecloud.com -o PubkeyAcceptedKeyTypes=ssh-rsa -vvv

Links to this note

Networking in OCI