Merge pull request #6 from berkas1/master

OpenStack docs updates

Merge pull request #6 from berkas1/master
25c19cff · Adrián Rošinec · GitHub · 87c6cada · dacc2cb4 · 25c19cff
Unverified Commit 25c19cff authored 2 years ago by Adrián Rošinec Committed by GitHub 2 years ago
--- a/topics/compute/openstack/docs/how-to-guides/accessing-instances.md
+++ b/topics/compute/openstack/docs/how-to-guides/accessing-instances.md
@@ -79,8 +79,8 @@ To connect to instances running on OpenStack, you can use one of the available a
 - **Contact support**: If you are unable to resolve the issue on your own, contact your OpenStack support team for further assistance. Be sure to provide as much information as possible, including error messages and steps you have already taken to troubleshoot the issue.
 ## Security Considerations
- **Use SSH keys**: When accessing instances, it is important to use SSH keys. Avoid using keys that are easy to guess or brute force.
+- **Use SSH keys**: Always use SSH keys (instead of passwords) to access instances. Passwords are susceptible to brute force attacks.
 - **Restrict network access**: To minimize the risk of unauthorized access, it is recommended to restrict network access to only the necessary ports and protocols needed to access the instances. Security groups can be used to control inbound and outbound traffic to instances.
 - **Limit user access**: Only users who need to access instances should have the necessary credentials to do so. It is important to restrict user access to only the instances they need to work on and remove access when it is no longer needed.
 - **Monitor access logs**: Monitoring access logs can help detect and prevent unauthorized access. OpenStack provides logs that track user access and activity within the environment, and users should review these logs on a regular basis.
- **Keep instances up-to-date**: Keeping instances up-to-date with the latest security patches and updates can help prevent security vulnerabilities from being exploited. It is recommended to regularly apply updates and patches to instances to maintain their security posture.
+- **Keep instances up-to-date**: Keeping instances up-to-date with the latest security patches and updates can help prevent security vulnerabilities from being exploited. It is recommended to regularly apply updates and patches to instances to maintain their security posture. Utilities like [unattended-upgrades](https://wiki.debian.org/UnattendedUpgrades) or [dnf-automatic](https://dnf.readthedocs.io/en/latest/automatic.html) can help you automate security updates.
--- a/topics/compute/openstack/docs/technical-reference/remote-access.md
+++ b/topics/compute/openstack/docs/technical-reference/remote-access.md
@@ -9,6 +9,17 @@ search:
 ## Accessing From Linux
+### Using jump host and SSH ProxyJump
+To access an individual instance via a jump host/bastion server, the ProxyJump option (-J) of the SSH client can be used. This feature was introduced in [SSH 7.3](https://www.openssh.com/txt/release-7.3).
+To use it, provide the username and hostname of the jump host as an argument to the `-J` parameter followed by the username and hostname of the target instance:
+```shell
+ssh -J user@jump.host user@target.host
+```
 ### Setting Up VPN Tunnel Via Encrypted SSH With [sshuttle](https://github.com/sshuttle/sshuttle)
 ``` sh