Bastion Host

• User needs: Governance, Security & Connectivity
• User profiles: Data Scientists, Data Engineers
• User assumed knowledge: What a bastion host is, how SSH tunneling works

You can connect to different deployed DSL components via the Bastion Host. Each DSL comes with a default bastion host that allows you to access DSL network resources via SSH tunneling. SSH is available on port 22 and user accounts on the Bastion Hosts are synced with the Azure AD. You can use your ec-dataplatform.eu accounts to access Amazon WorkSpaces. DSL Bastion Hosts can only be accessed by the AD groups that are assigned to a DSL. If you want to access web interfaces that are deployed in a DSL network, you will need to forward the IP/DNS of the web interface and the port where it is hosted (HTTP:80, HTTPS:443, Apache Hue:8888, …) to your local desktop via SSH tunneling.

You can also use the Bastion Host as a jump host to SSH into DSL resources that have port 22 open.

Access web interfaces via SSH (PuTTY example)

Use these steps if you want to access web interfaces from your local desktop that are deployed in your DSL network (e.g. Apache Hue, Data Science Studio, Kibana).

1. Download and install PuTTY (https://www.putty.org/)

2. In the ‘Session’ tab, enter as Host Name: IP address of your DSL’s Bastion Host

1. Go to tab “Connection – SSH – Tunnels”.

2. Enter as Destination, private_host_ip_address:port.

   a. private_host_ip_address: This is the IP address or DNS of the web interface that you want to access.

   b. port: This is the port where the web interface is running on. For regular web applications that use HTTPS, use port 443. If a specific port is mentioned in the documentation of the resource, use that port. For example, Apache Hue uses port 8888.

3. Enter as Source port: local_port, an vailable free port on your local system (e.g. 10000)

4. Click on Add