LogoLogo
Main SiteStart Now
  • Home
    • What Is BastionZero?
      • Server Access
      • Database Access
      • Kubernetes Access
      • Web Server Access
    • Product Security
    • Architecture
    • Taxonomy
  • Deployment
    • Getting Started
    • Installing the ZLI
    • Installing the Agent
    • Installing the Desktop App
  • Automation & Integrations
    • CircleCI
    • GitHub Actions
    • Go SDK
    • Google Cloud Run
    • Slack
      • Using the BastionZero app for Slack
    • Terraform
    • Third-Party Clients
  • Admin Guide
    • Authentication
      • SSO Management
      • User Management
      • MFA Management
      • Service Accounts Management
    • Authorization
    • Auditing
    • Target and Connection Management
  • How To Guides
    • Passwordless Database Access
      • Passwordless Access to MySQL and Postgres on GCP Cloud SQL
      • Passwordless Access to AWS RDS PostgreSQL
      • Passwordless Access to AWS RDS MySQL
      • Passwordless Access to Self-Hosted Postgres
    • How to use BastionZero to connect to a Linux Host using the ZLI
    • How to use BastionZero to manage SSH Keys
  • User Guide
    • Installing the ZLI
    • ZLI Cheat Sheet
    • Connecting to Your Targets
    • Troubleshooting Guide
  • ZLI Reference Manual
  • API Specification
  • Getting Help
  • Security Policy
  • Open Source Software Credits
    • Backend Services
    • Bzero Agent
    • Client Daemon
    • Desktop App
    • Go SDK
    • Helm Provider
    • Terraform Provider
    • Web App
    • ZLI
  • Product Changes
  • Service Status
  • GitHub
Powered by GitBook

Copyright © 2024

On this page
  1. Home
  2. What Is BastionZero?

Server Access

Server support brings MrZAP technology, policy-based access control, and user visibility for remote hosts directly into the BastionZero SaaS

PreviousWhat Is BastionZero?NextDatabase Access

Last updated 6 months ago

The BastionZero product is maintained for existing BastionZero customers only.

Moving forward, we are natively rebuilding BastionZero’s technology as Cloudflare’s service.

BastionZero allows you to secure your remote Linux hosts using Zero Trust Access by leveraging our multi-root zero trust protocol (MrZAP) and without the need for using Secure Shell (SSH).

With BastionZero, you can:

  • Support access to your servers even if they are on private IPs

  • Close SSH ports on your servers

  • Eliminate management of server account passwords and SSH keys

  • Control who has access to what account on which servers (e.g. Alice has access to root account on server centos-nyc-123)

  • Obtain an audit trail of who logged into what machine as which account, and what commands were run

  • Obtain ascii-cinema session recordings of their interactive sessions

  • Eliminate single points of compromise associated with jump hosts and VPNs using our MrZAP protocol

See for instructions on securing your server with BastionZero.

Using package managers, zli Quickstart, or a Bash or Ansible script will implement the autodiscovery process. Once BastionZero's bzero agent is installed, it will phone home to BastionZero using either your organization's default registration API key's secret or a short-lived activation token.

Access for Infrastructure
Server Deployment