AWS Security Blog How to Record SSH Sessions Established Through a Bastion Host A bastion host is a server whose purpose is to provide access to a private network from an external network, such as the Internet. Because of its exposure to potential attack, a bastion host must minimize the chances of penetration. For example, you can use a bastion host to mitigate the risk of allowing SSH connection
![How to Record SSH Sessions Established Through a Bastion Host | Amazon Web Services](https://cdn-ak-scissors.b.st-hatena.com/image/square/d0c65d048e3ef572a7befd54cbf301150f233d20/height=288;version=1;width=512/https%3A%2F%2Fd2908q01vomqb2.cloudfront.net%2F22d200f8670dbdb3e253a90eee5098477c95c23d%2F2017%2F11%2F15%2FNM_diagram_061316_a1.png)