Skip to Content

How to transfer Ezeelogin SSH session logs recorded to a remote server ?

346  Manu Chacko October 19, 2020  Technical

Transfer Ezeelogin SSH session logs recorded to a remote server

1. Create a Linux system user on the remote server to which  the ssh session log files has to be transferred.  

You can skip this step if a Linux system user already exists on the remote machine

 
   Add user with the following command. You can replace the username "backup-user"  with username of your choice.

root@remote-server:~#useradd backup-user

   
2. Setup SSH-KEY based authentication for passwordless authentication
   

 a. Create a ssh key pair on the server using the following  command on the Jumpserver.

root@jumpserver:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:eUKBEdUlDVzQgCKT3QHBVwHHCH0IjWa8cDdNkRBrvZM [email protected]
The key’s randomart image is:
---[RSA 2048]----
|     =B#B/@%o    |
|    = @ @=B.o    |
|     B = o.      |
|      .o . o     |
|        S E      |
|         o .     |
|                 |
|                 |
|                 |
----[SHA256]-----

 Now, the public key has been saved in the file /root/.ssh/id_rsa.pub and private key in /root/ssh/id_rsa

b. Paste the public key in the remote server users "backup-user" authorized key file.

root@remote-server:~# vi /home/backup-user/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzCOoNRS9t6Eg86XMmnH9V8irlmDQn+G1x+d41aIEwrgllgrfCHe1QwJeTUhME7SnarbjmVLQfYuSVLpb0BtFoqdHQXY/Kp6yuyuJWsRntiPzH5YuVhN0zaITdmnmALTLip9A9hi+pbMy51tDAwJCJPJjvf51VW313ddG9lxmWbzHTHbIQHwV0TPFP8lj2BDDCSL5nw+2QiQ+R36GI8YVpn0aB1RqRMCPyE+lWJOsvfRs+SvUawkbUgTCg9nhEBPb/Xj1INtZnU6A0J2T6mk5tsMb70pEvDWbd6QPpwhOo/3UT5vk5Qt4Q+RBKyheS6jP7lhlpfG9cwtqYRmZ3n74f8qnmwiRCVppiRmSW6YepM0/KoL1byk7RVbaiYWxQZJwdiH/Xfda/nGji6cb0mrsBxKV7QXpF/kstlMQ7zT5HoEGXRYRN4rll+ekCFnpFkCjZ75ss+hOwrmd1iW9luiGdHiV3aQaGTMxWqD48OXXZuoAeC6NVE5LEiqRbOn4W3KPDky4b490UedMhpRdhVXm+Ow3GQJgCPOGqbPP2Huftxn5ZIm3XGfW85J4SsChQ+b3jrxeZF5h/e+nrYWqoTbPxH7DCWVRoI1lu174eBkdUR5oJc4C5v5qTbyzqNE6WK3jsgcazfK32eabCyKfH2AeKAGZM1o4Zn3MozmGFKfNrw

So that you can  ssh to remote server from the Jumpserver without password

 

3.  Copy/sync logs from Ezeelogin Jumpserver to the remote server using rsync command.

    

root@jumpserver:~# rsync -av /var/log/ezlogin  [email protected]:/home/backup-user/ 

 

If you want to copy a ssh user log file to the remote server,  use the following command 

root@jumpserver:~# rsync -av /var/log/ezlogin/full/ezadm622/acer~test.centos2.com  [email protected]:/home/logs/
Rating: 5 (1 Votes)