Oracle Cloud Infrastructure Documentation

Bastion Session

Oracle Cloud Infrastructure Bastion session provides restricted and time-limited access to target resources that do not have public endpoints.

Bastion sessions let authorized users connect from specific IP addresses to target resources using Secure Shell (SSH) sessions. When you connect using a Bastion session, you can interact with the target resource by using any software or protocol supported by SSH. For example, you can use the Remote Desktop Protocol (RDP) to connect to a Windows host, or use Oracle Net Services to connect to a database. Bastions also allow connections to MySQL DB systems.

Related Topics

Connecting to MySQL Studio Using a Port Forwarding Session

This section describes how to connect to MySQL Studio using a Port Forwarding session.

Before you begin, you must create a Port Forwarding session (also known as an SSH tunnel) to the port number assigned to the MySQL Studio endpoint on the target DB system. The default port number assigned to the MySQL Studio endpoint is 8443.
  • You must have the private key file of the SSH key pair that you used to create the session.
  • The IP address of the machine must be in the CIDR block allowlist of the bastion that hosts the session.
  • The IP address of the bastion must be permitted to access the target DB system. See Allowing Network Access From the Bastion.

Using the Console

To connect to MySQL Studio using a Port Forwarding session:

  1. On the Bastions list page, select the bastion that contains the port forwarding session that you want to work with.
  2. On the Details page, select the Sessions tab or link.
  3. Find the session that you want to use to connect to the intended target resource.
  4. From the Actions menu (three dots) for the session, select Copy SSH command. Using a text editor, replace <privateKey> with the path to the private key of the SSH key pair that you provided when you created the session, and <localPort> with any local port on the machine from which you want to connect to the bastion.
  5. (Optional) Add the verbose (-v) option to the end of the SSH command for detailed information about the connection.
    Note

    Don't use the -vv or -vvv options.
  6. On your machine, use a command line to issue the customized SSH command and connect to the bastion session. If you created a private key with a passphrase, you're prompted to enter it twice for a Port Forwarding session. After you create a connection to a Port Forwarding session, the process doesn't exit. Don't close the terminal. If you enabled verbose output (-v), the final message after a successful connection is: 
    debug1: pledge: network
  7. Connect to MySQL Studio from a browser using one of the following localhost URLs:
    https://localhost:<localPort>
    or
    https://127.0.0.1:<localPort>
    Replace <localPort> with the local port number that you specified in the customized SSH command that you issued to connect to the bastion session.
If you run into any problems, see Troubleshooting Bastion.