Usage Precautions

Flagship Edition

1. The Flagship Edition Bastion Host can only be upgraded, not downgraded

2. Please contact us to replace the license after the upgrade to manage more hosts.

3. Since the bastion host is a logically cascaded device and all access to the managed devices needs to be proxied and forwarded by the bastion host, the bastion host can easily become the bottleneck of resource access. It is recommended to improve the resource configuration of the bastion host based on actual usage.

4. Since access to resources must first go through the bastion host, the original automatic operation and maintenance scripts will be invalidated when connecting to resource equipment, and adjustments need to be made to the original automatic operation and maintenance server.

5. When the bastion host enables multi-factor authentication, the original automated operation and maintenance scripts cannot achieve multi-factor authentication and cannot automatically log in to the server. It is necessary to disable multi-factor authentication for the automated operation and maintenance server.

6. When the bastion host enables SMS multi-factor authentication, it is necessary to ensure network connectivity with the third-party SMS authentication platform to ensure the normal operation of the multi-factor authentication method.

7. For a large number of third-party software installed on the managed servers, automatic login cannot be achieved, and it needs to adapt to specific customer requirements.

8. When using the APP, make sure that the APP can access the bastion host server, otherwise the APP cannot be used normally.

9. Due to the architectural differences between version 2.9.2 and previous version 2.3.2, an automatic upgrade from 2.3.2 to 2.9.2 is not feasible. If you need to upgrade, please contact tech support for manual upgrade operation.

10. Automated operation and maintenance does not provide an interactive interface between the user and the target host, hence it does not support the execution of interactive commands. In addition, it does not support stream operator commands (such as <, >, |, & etc.) and commands that cannot be ended automatically (like top, vi, etc.)

11. The Syslog server port is a corresponding UDP port and does not currently support TCP ports.

12. The recent login resource list in the user’s system desktop does not include sessions that are logged in by SSH clients.

13. The pre-set command feature newly added by the APP is provided for the APP to execute common combination commands conveniently. It can be viewed on the Web side but does not support modifications.

14. After authorization to log in to an FTP-type host, it only supports the “Authorized Host Account” method. It does not support the “Authorize the Host only” login method.

15. Before logging in to an FTP-type host, please fill in the public network address or domain name of the bastion host at the bottom of the [Advanced Management/System Settings/Security Settings] page, otherwise, some FTP clients may not be able to log in.

16. Before logging in to an FTP-type host, please fill in the correct FTP default encoding (UTF-8 or GBK) at the bottom of the [Advanced Management/System Settings/Security Settings] page according to the settings of the FTP server side, and choose the same encoding method on the FTP client. Otherwise, Chinese garbled text may appear after logging in to the FTP server.

17. After logging in to the FTP server through the bastion host, the accessed IP (or source IP) displayed in real-time sessions, historic sessions, and system logs is the IP of the bastion host.

18. After the user connects to the FTP service, since the third-party FTP client will establish a session respectively when starting a connection and transferring data, two concurrent sessions will be displayed, occupying two concurrent session numbers.

19. When resources expire, if not renewed in time, they will be discontinued and reclaimed, including host, image, EIP, and other resources.