Questions tagged [bastion]

58 questions
26
votes
2 answers

Relationship between bastion host and jump host

What are the differences/similarities between a "bastion host" and a "jump host"? Are they usually used interchangeably?
17
votes
3 answers

SSH host key checking cannot disable when using proxy jump

I am trying to SSH through a jumpbox, but SSH seems to be intent on checking host keys for the jumpbox, even though I'm telling it not to, using the normal -o StrictHostKeyChecking=no -o UserKnownHostsFile=no command line options. If I SSH directly…
siride
13
votes
7 answers

SSH through intermediate host fails only on myuser@mymac but works elsewhere

I am not able to connect via ssh to one of my datacenter nodes using my user on my macbook. This is a recent problem, and it was perfectly functional since ~ a couple of weeks ago. Strangely, this only affects my user on my computer, but I am able…
RogerFC
11
votes
3 answers

Bastion server: use TCP forwarding VS placing private key on server

We have bastion server B. We need to SSH from A through B to C, using private key. What is the better option: Put the private SSH key on server B. We read that it's a bad idea to do that in a production environment. From here: Never place your…
10
votes
2 answers

ssh-keyscan through a bastion

I have some test servers running behind a bastion on Openstack. The test stack gets deleted and created often. After the stack is created I run a set of Ansible scripts to install and configure the servers. I have the process almost completely…
Steve
10
votes
1 answer

Ansible - Access through Bastion w/ MFA

In my current environment, I have all my Linux servers only accessible through a bastion host, which has MFA enabled. I've managed to get Ansible to successfully talk to servers through the bastion, the only problem is that it establishes a new…
5
votes
1 answer

GCP: Run kubectl exec on private cluster over proxy

I have a private Kubernetes cluster with private IP. In order to access it I have set up a bastion host with squid proxy. It looks like this: My host -> bastion -> private cloud Regular kubectl commands work through proxy as expected: $…
Erez Ben Harush
4
votes
2 answers

Should a NAT host be separate from a Bastion host

Have a private network with servers that required SSH access. Since the instances are in a private subnet, they cannot be accessed directly via SSH and require a public Bastion host to access. Workstation -> via SSH -> Bastion -> via SSH Forwarding…
csi
4
votes
3 answers

How to ssh to a server via bastion(proxy) with key from the bastion(proxy) NOT origin

So I'm essentially trying to do this: ssh bob2@35.192.152.35 -t ssh bob2@test-vm the above works fine if I just put it into the terminal, however I am having a hard time trying to replicate it via the .ssh config file. Here's what I have inside the…
Dmytro Lysak
3
votes
1 answer

SSH Tunnel through bastion host

I'm having an issue with establishing an ssh tunnel through a bastion host. Having looked through various SE questions which potentially solve the problem, nothing has. My ssh config file (local) Host www HostName *** IdentityFile…
Nick D
3
votes
1 answer

How do you SSH in to an Azure VM through an Azure Bastion?

My initial understanding was that an Azure Bastion acts like a lightweight SSH (and RDP) gateway to resources -- specifically, VMs -- on the same virtual network, rather than provisioning a full VM as a jumpbox. That is, I would expect to be able to…
3
votes
1 answer

Tinyproxy error: Unable to connect to the server: Access denied

I installed tinyproxy 1.8.4 on a bastion host with public IP on GCP, to forward traffic to a private GKE cluster. Now I'm using ssh to connect to the bastion host with port forwarding and the connection is established correctly, however, Running…
Abdelwahhab
3
votes
1 answer

How to properly make an ssh bastion, with fail2ban, in a Docker container

I've already asked the question on the Docker forums but so far no luck with a reply. I'm hoping I will have better fortune here. I’m in the process of making an ssh bastion (with fail2ban for security) in a Docker container. The container will…
Oliver Henriot
2
votes
1 answer

SSH CA-signed key fails via bastion

I'm setting up some servers for a new system and decided to do things a little bit differently. I'm running into an issue that I just can't seem to get past though. My desired configuration is having one bastion server and N other servers that can…
2
votes
3 answers

AWS - Bastion checking IAM permissions?

Is it possible to set up a bastion host in AWS that would be checking IAM to check if a given user can connect to a specific EC2 instance? It might be a bit blurry but the idea is the following. Let's assume that a company has 2 customers and each of them…