How to ensure that password are not recorded when ssh session recording is enabled to meet security compliances like PCI DSS 3.2 , HIPAA, SOX, SOC2, FFIEC, NERC CIP, ISO 27001 ?

To ensure that passwords are not recorded when ssh session recording is enabled, simply set the ssh session recording to Output only which means only STDOUT is recorded. This would record only what is displayed on the users screen or terminal which is the STDOUT, so the user input when he runs a command on the ssh session and the output of the command executed is recorded.

 

Navigate to Settings->General->SSH Session Logging to select ssh session recording mode.

ssh session recording

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Can I use Google 2FA, Yubikey , DUO simultaneously?
    Viewed 2631 times since Thu, Dec 14, 2017
    Configure DUO 2FA in Ezeelogin SSH jumphost
    Viewed 2099 times since Thu, Nov 23, 2017
    record rdp session
    Viewed 973 times since Thu, Dec 6, 2018
    Enable Google reCaptcha
    Viewed 470 times since Fri, Feb 1, 2019
    Configure four eyes authorization
    Viewed 1898 times since Fri, Dec 1, 2017
    How to ensure that ssh jump host users are not using previous password set to meet security compliances such as PCI DSS , SOX, HIPAA , NIST , MAS, SOC2, FFIEC, NERC CIP , ISO 27001
    Viewed 1349 times since Wed, Feb 28, 2018
    How to enforce 2 Factor Authentication on user login?
    Viewed 1247 times since Wed, Sep 19, 2018
    How do i restrict commands that a user can execute in ssh in ezsh shell ?
    Viewed 2539 times since Wed, Jun 14, 2017
    How to disable web terminal appllication in Cpanel ?
    Viewed 1777 times since Fri, Jun 29, 2018
    Record ssh sessions
    Viewed 3137 times since Fri, May 4, 2018