I have created Azure Baston Host and VM in my Azure Subscription, I am able to SSH to my VM from Azure Portal by giving username and password, I am looking for alternate SSH method like CLI SSH.
I don't want to use Browser based SSH from Azure Portal, Please let me know any method to SSH to VM through Bastion Host from CLI.
On
Azure Bastion now offers support for connecting to target VMs in Azure using a native RDP or SSH client on your Windows workstation.
Native client support is not yet available for use from your local Linux workstation.
More info here: https://learn.microsoft.com/en-us/azure/bastion/connect-native-client-windows
az login
az account set --subscription "<subscription ID>"
az network bastion ssh \
--name "<BastionName>" \
--resource-group "<ResourceGroupName>" \
--target-resource-id "<VMResourceId>" \
--auth-type "ssh-key" \
--username "<Username>" \
--ssh-key "<Filepath>"
I had this problem and solve it with Apache Guacamole. I've installed it on a Virtual Machine (with docker), but I guess you can use container instances or something like that. It also integrates very well with Azure AD for SSO. Guacamole is free, runs on cheap VMs, and is more flexible. In fact, their interfaces are almost the same. It seems Azure Bastion is just a deployment of Guacamole, managed by MicroSoft.
That does not seem valid with Azure Bastion involved as far as I understand your requirement.
Azure Bastion, by design, is a service that's meant to provide RDP/SSH connectivity to your VMs directly from the Azure portal over TLS. It is architected as a PaaS service and is fully managed by the platform itself.
Here is how an Azure Bastion deployment looks like:
As depicted above, the Bastion host is deployed in a VNet and the user connects to the Azure portal using any HTML5 browser.
If this does not fit your use case, you might have to consider building your own jumpbox and custom-configure your NSGs to harden security.