Part 1: Creating a Bastion Host
Choose a Cloud Provider: Select your preferred cloud provider. If you don't have one, AWS offers a reliable free tier option to get started.
Launch an Instance:
Navigate to your cloud provider's virtual machine creation service (e.g., AWS EC2, GCP GCE).
Choose a security-hardened operating system like Ubuntu or Amazon Linux.
Configure Network Security:
Create a security group for the bastion host.
Allow inbound SSH access (TCP port 22) only from your trusted IP addresses and Locale’s IP Address
35.185.77.86
. Restrict all other traffic.Assign the bastion host to the same VPC and subnet as the target database (if they are in the same cloud environment).
Part 2: SSH Connection to Bastion Host
💡 Public-key authentication is the recommended approach for the SSH Connection.
Locale offers two-way of connecting to bastion host
Password Authentication:
Edit your sshd config file
Find the line
PasswordAuthentication no
and change it toPasswordAuthentication yes
.Save the changes and restart the SSH service:
sudo systemctl restart sshd
Public Key Authentication:
Copy the Locale SSH Key from the data source connection page.
Upload locale’s public key to the bastion host's
~/.ssh/authorized_keys
file.