Creating a Managed SSH Session in Bastion

Create a managed SSH session.

Before creating a managed SSH session, verify the following information:

You must have the following information about the target resource you intend to create a session for:
  • Valid credentials to sign in to the target resource, such as operating system or database credentials
  • One of the following:
    • The name and compartment of the target compute instance 
    • The IP address and port of the target resource

Ensure that you have the public key file of the SSH key pair that you plan to use to connect to the session. To learn more, see Managing Key Pairs on Linux Instances.

    1. Open the navigation menu and click Identity & Security. Click Bastion.
    2. Under List scope, select the compartment where you want to create a bastion session.
    3. Click the name of the bastion.
    4. Click Create session.
    5. Choose Managed SSH session to connect to a Compute instance that has a running OpenSSH server and has Oracle Cloud Agent enabled.
    6. Enter a valid operating system username for the target instance.

      The default username on most platform images is opc.

    7. Select the target Compute instance. If needed, change the compartment to find the instance. Only active instances are listed.
    8. Enter a display name for the new session.

      Avoid entering any confidential information in this field.

    9. Under Add SSH key, provide the public key file of the SSH key pair that you want to use for the session.

      Later, when you connect to the session, you must provide the private key of the same SSH key pair.

    10. (Optional) To change the maximum amount of time that the session can remain active, click Show advanced options, and then enter a value for Maximum session time-to-live.

      Provide a value that's at least 30 minutes, but doesn't exceed the maximum TTL of the bastion. The default is 180 minutes (three hours).

      You can also delete a session before it expires.

    11. (Optional) If you chose to create a Managed SSH session, change the specific port or IP address to connect to on the target compute instance.

      By default, the session uses the primary IP address of the instance and port 22.

      1. Click Show advanced options.
      2. Update the target Compute instance port.
      3. Select a target Compute instance IP address.
    12. When you're finished, click Create session.
  • Use the oci bastion session create-managed-ssh command and required parameters to create a managed SSH session:

    oci bastion session create-managed-ssh --bastion-id <bastion_ocid> [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the CreateSession operation to create a managed SSH session.
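
The following shell sketch is an added example, not Oracle's code. It checks the two inputs from the procedure above that are easiest to get wrong before the CLI command is run: that the file supplied is the public half of the key pair, and that the requested TTL is at least 30 minutes and within the bastion's maximum. The function names, the placeholder OCIDs, the option names other than --bastion-id, and the assumption that --session-ttl takes seconds are not from this page; confirm them against the Command Line Reference.

```shell
# Added example (not Oracle's code): pre-flight checks for a managed SSH session.
# Assumption: the flag names printed below and --session-ttl taking seconds;
# confirm with `oci bastion session create-managed-ssh --help`.

MIN_TTL_MIN=30   # minimum session TTL, in minutes, from the procedure above

# Succeeds only if the file is a readable OpenSSH public-key line.
is_public_key() {
  local f="$1"
  [ -r "$f" ] || return 1
  # The private half of the pair stays on the client and is never uploaded.
  if grep -q 'PRIVATE KEY' "$f"; then return 1; fi
  grep -Eq '^(ssh-|ecdsa-)[a-z0-9@.-]+ [A-Za-z0-9+/]+' "$f"
}

# Succeeds if ttl (minutes) is at least 30 and no more than the bastion maximum.
ttl_ok() {
  local ttl="$1" max="$2" v
  for v in "$ttl" "$max"; do
    case "$v" in ''|*[!0-9]*) return 1 ;; esac
  done
  [ "$ttl" -ge "$MIN_TTL_MIN" ] && [ "$ttl" -le "$max" ]
}

# Prints the command for review instead of running it.
build_session_cmd() {
  local bastion="$1" instance="$2" user="$3" pub="$4" ttl_min="$5" max_min="$6"
  is_public_key "$pub" || { echo "refusing: $pub is not a public key" >&2; return 1; }
  ttl_ok "$ttl_min" "$max_min" || { echo "refusing: TTL out of range" >&2; return 1; }
  printf 'oci bastion session create-managed-ssh --bastion-id %s' "$bastion"
  printf ' --target-resource-id %s --target-os-username %s' "$instance" "$user"
  printf ' --ssh-public-key-file %s --session-ttl %s\n' "$pub" "$((ttl_min * 60))"
}

# Constructed sample input: placeholder OCIDs and a dummy key line.
demo_dir=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed demo@example' > "$demo_dir/id.pub"
build_session_cmd '<bastion_ocid>' '<instance_ocid>' opc "$demo_dir/id.pub" 60 180
rm -rf "$demo_dir"
```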