Functionality Issues (Login)

1、How to retrieve the forgotten password of bastion host?

(Note: The following operation is also applicable when the account is locked)

For normal users:

Admin logs into the console to reset the password

Users who forget their password can retrieve it by their mobile phone number.

For admin users:

Admin users can retrieve the password through the mobile phone number by clicking “forgot password”; if the mobile phone number is not bound, please contact the product manager.

2、Bastion host IP or user lock

ps: Recommended to enable user lock and disable IP lock

3、How to adjust the resolution after logging into the resource?

Answer: It is currently automatically adjusted based on the window size.

Answer: Take Chrome browser as an example, please check if the browser is blocking it and allow pop-ups.

For Apple’s Safari browser, you first need to complete your preferences settings by unchecking the box for blocking pop-up windows.

5、Why is the Windows resource account invalid when verification, but actually it can be logged in?

Answer: This is usually because the customer’s Windows resource has not turned off the firewall and configured the SMB service. Here are the specific configuration steps:

① Turning off the firewall

Go to Control Panel -> System and Security -> Windows Firewall, and select ‘open or close the firewall’

Choose to turn off the firewall

② Starting the relevant configurations

Go to the control panel, select “network and INTERNET” and go to “network and sharing center”. As shown in the image below, choose the active network as “network: work network”.

Choose “change advanced sharing settings” on the left.

Enter the advanced sharing settings and select the arrow to unfold the detailed settings, like the image below.

Set as shown below, start the relevant configuration.

Finally, save your changes. Now you can use the function of verifying windows resource accounts in the bastion host.

6、Logging in to the bastion host with the SecureCRT client shows failure?

Answer: When using the SecureCRT client to log in to the bastion host (port 22222), it may fail and display the following error:

This is a known issue between the SSH client and the server, can be avoided by modifying the client options:

As shown in the above figure, select to enter the session options configuration page, remove the check mark for the SHA2-512 option, save and exit, and log in to the bastion host again.

7、Error in bastion host connection on MAC terminal?

Answer: Because the cached host information has changed, execute the following command: rm –rf ~/.ssh/known_hosts

Answer: Use the remote command ssh -l username -p port host -o serveraliveinterval=60 to resolve. (It has been planned to be solved in the new version)

9、How to unlock the locked bastion host account?

Go to [User/User Management], select multiple users to be operated in batches in the user list, as shown in Figure 5-1-22, and enter the user batch operation interface. You can choose to unlock or lock users.

10、How to bind the mobile token?

Answer: 1. Open the bastion host and click on the personal center in the upper right corner.

As in the figure: select the mobile token — use WeChat to scan and get the mini-program — use the mini-program to scan the QR code of the mobile token to get dynamic password — enter dynamic password — confirm, complete binding.

The page of the Bastion Host mini-program is as shown in the figure: Scan the QR code to get the dynamic password, as shown in the figure.

Contact the staff to unlock from the backstage.