You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/bastion/bastion-connect-vm-ssh-linux.md
+50-59Lines changed: 50 additions & 59 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -47,12 +47,8 @@ In order to connect to the Linux VM via SSH, you must have the following ports o
47
47
48
48
1. In the Azure portal, go to the virtual machine to which you want to connect. At the top of the virtual machine **Overview** page, select **Connect**, then select **Connect via Bastion** from the dropdown. This opens the **Bastion** page. You can go to the Bastion page directly in the left pane.
49
49
50
-
:::image type="content" source="./media/bastion-connect-vm-ssh-linux/bastion.png" alt-text="Screenshot shows the Overview page for a virtual machine." lightbox="./media/bastion-connect-vm-ssh-linux/bastion.png":::
51
-
52
50
1. On the **Bastion** page, the settings that you can configure depend on the Bastion [SKU](bastion-overview.md#sku) tier that your bastion host has been configured to use.
53
51
54
-
:::image type="content" source="./media/bastion-connect-vm-ssh-linux/connection-settings.png" alt-text="Screenshot shows connection settings for SKUs higher than the Basic SKU." lightbox="./media/bastion-connect-vm-ssh-linux/connection-settings.png":::
55
-
56
52
* If you're using a SKU higher than the Basic SKU, **Connection Settings** values (ports and protocols) are visible and can be configured.
57
53
58
54
* If you're using the Basic SKU or Developer SKU, you can't configure **Connection Settings** values. Instead, your connection uses the following default settings: SSH and port 22.
@@ -84,17 +80,15 @@ Prerequisites:
84
80
85
81
Use the following steps to authenticate using Microsoft Entra ID.
86
82
87
-
:::image type="content" source="./media/bastion-connect-vm-ssh-linux/entra-id.png" alt-text="Screenshot shows authentication type as Microsoft Entra ID." lightbox="./media/bastion-connect-vm-ssh-linux/entra-id.png":::
88
-
89
83
1. To authenticate using Microsoft Entra ID, configure the following settings.
90
84
91
-
***Connection Settings**: Only available for SKUs higher than the Basic SKU.
92
-
93
-
***Protocol**: Select SSH.
94
-
***Port**: Specify the port number.
95
-
96
-
***Authentication type**: Select **Microsoft Entra ID** from the dropdown.
|**Connection Settings**| Only available for SKUs higher than the Basic SKU. |
124
+
|**Protocol**| Select SSH. |
125
+
|**Port**| Specify the port number. |
126
+
|**Authentication type**| Select **Password from Azure Key Vault** from the dropdown. |
127
+
|**Username**| Enter the username. |
128
+
|**Subscription**| Select the subscription. |
129
+
|**Azure Key Vault**| Select the Key Vault. |
130
+
|**Azure Key Vault Secret**| Select the Key Vault secret containing the value of your SSH private key.|
132
131
133
-
***Protocol**: Select SSH.
134
-
***Port**: Specify the port number.
135
-
***Authentication type**: Select **Password from Azure Key Vault** from the dropdown.
136
-
***Username**: Enter the username.
137
-
***Subscription**: Select the subscription.
138
-
***Azure Key Vault**: Select the Key Vault.
139
-
***Azure Key Vault Secret**: Select the Key Vault secret containing the value of your SSH private key.
132
+
* If you didn’t set up an Azure Key Vault resource, see [Create a key vault](/azure/key-vault/secrets/quick-create-powershell) and store your SSH private key as the value of a new Key Vault secret.
140
133
141
-
* If you didn’t set up an Azure Key Vault resource, see [Create a key vault](/azure/key-vault/secrets/quick-create-powershell) and store your SSH private key as the value of a new Key Vault secret.
134
+
* Make sure you have **List** and **Get** access to the secrets stored in the Key Vault resource. To assign and modify access policies for your Key Vault resource, see [Assign a Key Vault access policy](/azure/key-vault/general/assign-access-policy-portal).
142
135
143
-
* Make sure you have **List** and **Get** access to the secrets stored in the Key Vault resource. To assign and modify access policies for your Key Vault resource, see [Assign a Key Vault access policy](/azure/key-vault/general/assign-access-policy-portal).
144
-
145
-
* Store your SSH private key as a secret in Azure Key Vault using the **PowerShell** or **Azure CLI** experience. Storing your private key via the Azure Key Vault portal experience interferes with the formatting and result in unsuccessful login. If you did store your private key as a secret using the portal experience and no longer have access to the original private key file, see [Update SSH key](/azure/virtual-machines/extensions/vmaccess-linux#update-ssh-key) to update access to your target VM with a new SSH key pair.
136
+
* Store your SSH private key as a secret in Azure Key Vault using the **PowerShell** or **Azure CLI** experience. Storing your private key via the Azure Key Vault portal experience interferes with the formatting and result in unsuccessful login. If you did store your private key as a secret using the portal experience and no longer have access to the original private key file, see [Update SSH key](/azure/virtual-machines/extensions/vmaccess-linux#update-ssh-key) to update access to your target VM with a new SSH key pair.
146
137
147
138
1. To work with the VM in a new browser tab, select **Open in new browser tab**.
148
139
@@ -152,18 +143,17 @@ Use the following steps to authenticate using a password from Azure Key Vault.
152
143
153
144
Use the following steps to authenticate using an SSH private key from a local file.
154
145
155
-
:::image type="content" source="./media/bastion-connect-vm-ssh-linux/private-key-file.png" alt-text="Screenshot shows private key from local file authentication." lightbox="./media/bastion-connect-vm-ssh-linux/private-key-file.png":::
156
-
157
146
1. To authenticate using a private key from a local file, configure the following settings.
158
147
159
-
***Connection Settings**: Only available for SKUs higher than the Basic SKU.
160
-
161
-
***Protocol**: Select SSH.
162
-
***Port**: Specify the port number.
163
-
***Authentication type**: Select **SSH Private Key from Local File** from the dropdown.
164
-
***Username**: Enter the username.
165
-
***Local File**: Select the local file.
166
-
***SSH Passphrase**: Enter the SSH passphrase if necessary.
1. To authenticate using a private key stored in Azure Key Vault, configure the following settings. For the Basic SKU, connection settings can't be configured and will instead use the default connection settings: SSH and port 22.
179
168
180
-
***Connection Settings**: Only available for SKUs higher than the Basic SKU.
|**Connection Settings**| Only available for SKUs higher than the Basic SKU. |
172
+
|**Protocol**| Select SSH. |
173
+
|**Port**| Specify the port number. |
174
+
|**Authentication type**| Select **SSH Private Key from Azure Key Vault** from the dropdown. |
175
+
|**Username**| Enter the username. |
176
+
|**Subscription**| Select the subscription. |
177
+
|**Azure Key Vault**| Select the Key Vault. |
178
+
|**Azure Key Vault Secret**| Select the Key Vault secret containing the value of your SSH private key.|
181
179
182
-
***Protocol**: Select SSH.
183
-
***Port**: Specify the port number.
184
-
***Authentication type**: Select **SSH Private Key from Azure Key Vault** from the dropdown.
185
-
***Username**: Enter the username.
186
-
***Subscription**: Select the subscription.
187
-
***Azure Key Vault**: Select the Key Vault.
188
180
189
-
* If you didn’t set up an Azure Key Vault resource, see [Create a key vault](/azure/key-vault/secrets/quick-create-powershell) and store your SSH private key as the value of a new Key Vault secret.
190
181
191
-
* Make sure you have **List** and **Get** access to the secrets stored in the Key Vault resource. To assign and modify access policies for your Key Vault resource, see [Assign a Key Vault access policy](/azure/key-vault/general/assign-access-policy-portal).
182
+
* If you didn’t set up an Azure Key Vault resource, see [Create a key vault](/azure/key-vault/secrets/quick-create-powershell) and store your SSH private key as the value of a new Key Vault secret.
192
183
193
-
* Store your SSH private key as a secret in Azure Key Vault using the **PowerShell**or**Azure CLI**experience. Storing your private key via the Azure Key Vault portal experience interferes with the formatting and result in unsuccessful login. If you did store your private key as a secret using the portal experience and no longer have access to the original private key file, see [Update SSH key](/azure/virtual-machines/extensions/vmaccess-linux#update-ssh-key) to update access to your target VM with a new SSH key pair.
184
+
* Make sure you have **List**and**Get**access to the secrets stored in the Key Vault resource. To assign and modify access policies for your Key Vault resource, see [Assign a Key Vault access policy](/azure/key-vault/general/assign-access-policy-portal).
194
185
195
-
***Azure Key Vault Secret**: Select the Key Vault secret containing the value of your SSH private key.
186
+
* Store your SSH private key as a secret in Azure Key Vault using the **PowerShell** or **Azure CLI** experience. Storing your private key via the Azure Key Vault portal experience interferes with the formatting and result in unsuccessful login. If you did store your private key as a secret using the portal experience and no longer have access to the original private key file, see [Update SSH key](/azure/virtual-machines/extensions/vmaccess-linux#update-ssh-key) to update access to your target VM with a new SSH key pair.
196
187
197
188
1. To work with the VM in a new browser tab, select **Open in new browser tab**.
0 commit comments