jump server installation

How to install ezeelogin SSH Jump server (also called "bastion host / SSH jump host") ?  

 
FREE 24/7 INSTALLATION & DEMO  BY SUPPORT TEAM

We can guide you or install & configure Ezeelogin SSH Jump server software for you and give you a demo on how to use it at no extra charge.  Contact our  24/7 Support Desk   to schedule your free or guided installation. Also, schedule a free introductory session to get to know on how to use Ezeelogin Jump server solution effectively and ask your questions with our engineers.

 

1.Login to your  customer portal  and issue the 30 day trial license for the  jump server  IP of the server where you intend to install Ezeelogin ssh jump host software.
 

     If you are unsure on what your jump server IP is, simply logon to your ssh jump server and run the command

wget -qO- http://ezeelogin.com/myip

     

 

If your ssh jump server is behind a NAT in a private lan behind a firewall, you can still install Ezeelogin bastion host  software. You just need to find your public ip by running the above command on your ssh gateway server and issue the license for the public facing ip.

 

 

 

ezeelogin license    

 

2. Install jump server dependency packages     

     

Most Linux OS ( CentOS 6,7 / Ubuntu 14,16,18 / Debian 9 / RHEL 6,7  )    are supported but supporting packages has to be installed manually. 

       Refer the system requirement below

Hardware Requirements

 

  • Minimum 512 MB Ram
  • Minimum 1 Ghz processing power
  • Virtual Server or Dedicated server.

 

Software Requirements

 

  • OS Architecture (64 bit Linux[Centos/RHEL/Ubuntu]).
  • Web server (apache, lighttpd, nginx etc.)
  • MySQL server (from version 5.5 to 5.7)/MariaDB ( from version 5.1 to 10.1)
  • PHP (from version 5.3.x and above,  upto <= php 7.2)
  • Ioncube loader version 10 and above for PHP
  • MySQLi extension for PHP
  • JSON extension for PHP
  • Mcrypt extesion for PHP
  • LDAP extension for PHP (for LDAP webpanel authentication)
  • Nodejs
  • OpenSSL
 
Ensure the following conditions are met on your ssh  jump server

Firewall on the jump server should allow outbound connection to license.ezeelogin.com on port 443 to fetch the license and download the software from downloads.ezeelogin.com 

telnet license2.ezeelogin.com 443 

Connected to license2.ezeelogin.com.

Escape character is '^]'. 

 

telnet license.ezeelogin.com 443 

Connected to license.ezeelogin.com.

Escape character is '^]'. 

 

telnet downloads.ezeelogin.com 80 

Connected to downloads.ezeelogin.com. 

Escape character is '^]'.

Ensure SELINUX is disabled on the jump server. The command #sestatus would show if it’s active or not. If it not installed, then its fine. Refer Disable Selinux to disable it

sestatus

SELinux status:                 disabled

Ensure time on jump server is accurate. Use the command #ntpdate pool.ntp.org to sync time.

ntpdate pool.ntp.org

26 Sep 16:32:03 ntpdate[15219]: adjust time server 133.243.238.244 offset -0.124881 sec

Ensure that Root SSH login on the jump server is enabled and SSH key based authentication is enabled in SSHD. The below example enables root access only from the ip 127.0.0.1 and it allows only key based authorization which makes it secure.

nano /etc/sshd/sshd_config

Match Address 127.0.0.1

PermitRootLogin yes

PubkeyAuthentication yes

  

 

  How to install Jump server  in Centos 6.x ?

 
 
  Enter the following command on your terminal to install ezeelogin dependency package on centos 6

[email protected]:~# yum -y install epel-release httpd openssl php php-mysql php-process php-common php-cli php-mcrypt bzip2 mod_ssl mysql mysql-server php-ldap ; yum -y install php-mcrypt 

[email protected]:~# curl -sL https://rpm.nodesource.com/setup_9.x |bash -

[email protected]:~# yum install -y nodejs

[email protected]:~# service mysqld start  

 

  Make sure that web server and SQL server startup on boot

[email protected]:~#  chkconfig   mysqld on

[email protected]:~#  chkconfig   httpd   on

 

  Set the root password with following command

[email protected]:~#   mysql_secure_installation

 

  How to install Jump server  in Centos 7.x ?

 

  Enter the following command on your terminal to install ezeelogin dependency package on centos 7

[email protected]:~#  yum -y install epel-release httpd openssl php php-mysql php-process php-common php-cli php-mcrypt mariadb-server bzip2 mariadb mod_ssl php-ldap nodejs; yum -y install php-mcrypt

[email protected]:~#   service mariadb start 

 

  Make sure that web server and SQL server startup on boot

[email protected]:~#  systemctl enable mariadb 

[email protected]:~#  systemctl enable httpd

 

  Set the root password with following command

[email protected]:~#    mysql_secure_installation

  

  How to install Jump server  in Ubuntu 14.x ?

 

  Enter the following command on your terminal to install ezeelogin dependency package on Ubuntu 14

[email protected]:~#  apt-get update; apt-get install php5 apache2 mysql-server libapache2-mod-php5 php5-curl php5-mysql php5-mcrypt php5-ldap nodejs

 

  Enable php-mcrypt extension by following command

[email protected]:~# php5enmod mcrypt

 

  How to install Jump server  in Ubuntu 16.x ?

 

  Enter the following command on your terminal to install ezeelogin dependency package on Ubuntu 16

[email protected]:~# apt update ; apt-get install php mysql-server apache2 php-mcrypt libapache2-mod-php7.0 php-mysql php-curl php7.0-xml php-ldap nodejs

 

 How to install Jump server   in Ubuntu 18 ?

 

  Enter the following command on your terminal to install ezeelogin dependency package on Ubuntu 18

[email protected]:~# apt update ; apt-get install php mysql-server apache2 libapache2-mod-php7.2 php-mysql php-curl php7.2-xml php7.2-ldap nodejs

[email protected]:~#  apt install php-dev libmcrypt-dev php-pear ; apt-get -y install gcc make autoconf libc-dev pkg-config

[email protected]:~#  apt-get -y install php7.2-dev ; apt-get -y install libmcrypt-dev

[email protected]:~#  sudo pecl install mcrypt-1.0.1

[email protected]:~#   echo "extension=mcrypt.so" >> /etc/php/7.2/cli/php.ini

  How to install Jump server   in  Debian 9 ?

 

   Enter the following command on your terminal to install ezeelogin dependency package on Debain 9

[email protected]:~# apt update; apt install php mariadb-client mariadb-server apache2 php-mcrypt libapache2-mod-php7.0 php7.0-mysql php-curl php7.0-xml php7-ldap nodejs

 

 

3. Download & install Ioncube Loader

 

   Ezeelogin  jump server  software  is encrypted with ioncube loader.You need to download & install ioncube loader to decrypt before jump server installation.Refer     the  following article to download & install ioncube loader.

 

 

4. Download & Install ezeelogin ssh  jump server software  or bastion host software.

 
If you are using a proxy server in a LAN for outbound connection, do check out  Will Ezeelogin jump server work behind a firewall or NAT or behind a Proxy?  

 

You may download the ezeelogin jump server package corresponding to your  PHP version installed on your server

download ezeelogin jump server 

Execute the following command as the root user on your server.

 

[email protected]:~# wget http://downloads.ezeelogin.com/ezlogin_7.x.x.bin

 

   You can install ezeelogin jump server by simply executing installation script

[email protected]:~# sh ezlogin_7.x.x.bin

   Follow the prompts and the installation would complete without issues.

   

you need to accept the licence agreement by typing " I AGREE "     

Type "I AGREE" and press enter to accept the license:

 

you may be prompted to enter the missing settings. The default value will be given in bold. Simply pressing enter key will choose the default value.

 

Enter the path where web panel files should be installed.

This path should be accessible via a web browser.

The directory should not exist, but its parent directory should exist.

 

path to install web panel files ( /var/www/html/ezlogin ):

 

You need to specify the Document root here ,if it is different from default else you press enter to choose default.

 

Enter the path where web panel system files should be installed.

This should be preferably outside the DocumentRoot (should not be accessible via web browser) for security reasons.

If safe_mode restriction is enabled, this path should be allowed for include with safe_mode_include_dir

The directory should not exist, but its parent directory should exist.

 

path to install web panel system files ( /var/www/ezlogin ):

 

If you need to access the ezeelogin jump server webpanel as  www.yourdomain.com   choose   "   /  "  & change your document root to  {your existing document root}/ezlogin. For example ,If your document root is /var/ww/html change to /var/ww/html/ ezlogin , else press enter to choose default

  

For example, if the DocumentRoot of http://www.yourdomain.com/ is /usr/local/apache/htdocs/yourdomain and you specified /usr/local/apache/htdocs/yourdomain/ezlogin as path to install web panel, the web panel would be accessible as http://www.yourdomain.com/ezlogin/. In this case the REQUEST-URI would be ’/ezlogin/’.

If you specified DocumentRoot itself as the path to install web panel files, it would be ’/’

 

URI path to access the web panel ( /ezlogin/ ):

 

hostname or IP address of MySQL server.

If the MySQL server is running on this system itself, use ’localhost’

 

MySQL server ( localhost ):

    

port or path to unix socket used by the MySQL server.

 

MySQL port/socket ( 3306 ):

 

Enter the username with super user (root) privileges for the database server.

This is usually ’root’, sometimes ’admin’ etc.

MySQL super user ( root ):

 

Please enter the password for the database super user.

MySQL super user password:

 

Do NOT enable this if you are not sure. You can always manually enable after installation as well. This is useful only if you will be setting up master/slave node for redundancy.

Enable this option to use MySQL SSL connectivity when using a cluster so that mysql communication between the primary and secondary gateways would be encrypted

Do you want to use secure MySQL connection (yes/no) ? ( no ):

 

      Refer the below articles to configure MySQL SSL configuration

 

 

Enter the ezlogin Administrator username (less than 21 chars).

This user should not exist on this system. It will be created.

admin user ( ezadm118 ): 

 

Enter the password for ezlogin Administrator.

admin password ( }AkJy.%R3TQaX(P ):

 

Enter the security code for ezlogin Administrator.

security code ( FIyW6x7Lbz ):

 

Whether web panel should force HTTPS (secure) protocol or not. [yes/no]

Force HTTPS for web panel? ( no ):

 

Refer the following article to configure secure web panel (https)

 

 

 

Review settings:

Install web panel files in                                  : /var/www/html/ezlogin/

Install web panel system files in                           : /var/www/ezlogin/

URI path to access web panel                                : /ezlogin/

MySQL server                                                : localhost

MySQL port/socket                                           : 3306

Force HTTPS for web panel?                                  : no

Secure MySQL connection?                                    : no

Admin user                                                  : admin

Admin password                                              : admin

Admin security code                                         : admin

Note these down for future reference. Certain values such as passwords cannot be retrieved after setup.

Accept the above settings? ( y /n/x) :

 

Creating and setting up database... done

Adding ezsh to shells... done

Creating group and users... done

Creating directories... done

Copying files... done

Setting access... done

Setting file modes... done

Setting file owners... done

Setting file groups... done

Setting up config... done

Setting up cron... done

Downloading GeoLiteCity database from www.maxmind.com... done

########################################################

Ezeelogin installed. (Log: /var/log/ezlogin_install.log )

########################################################

###################################################################

 Web panel installed at:

  /var/www/html/ezlogin/

  ( http://yourdomain.com/ezlogin/ ).

###################################################################

Note: Please check the log file to see if any error occurred.

 

TODO NOTES:

Enable web server, MySQL server and cron to startup at boot time.

 

For free assistance, please contact [email protected]

 

Thank you for choosing Ezeelogin.

www.ezeelogin.com

 

If  SSH Daemon on ssh jump host is running on a non standard port other than 22, do update Gateway SSH Port in the Webgui.

 
Access the web gui as follows.
 
jump server web interface
 
 
Access the SSH backend using ssh clients such as Putty on Windows, Terminal on Mac, or console in Linux.  
 
jump server shell
 
 
FREE 24/7 INSTALLATION & DEMO  BY SUPPORT TEAM

We can guide you,install it for you and give you a demo on how to use it at no extra charge.  Contact our  24/7 Support Desk  to schedule your free or guided installation. Also, schedule a free introductory session to get to know on how to use Ezeelogin Jump server solution effectively and ask your questions with our engineers.

 

5 (8)
Article Rating (8 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Installing Jump server or Bastion host on a linux host in Google or AWS instance ?
    Viewed 1395 times since Thu, Sep 21, 2017
    How to install ioncube on jump server?
    Viewed 14802 times since Wed, Jun 14, 2017
    Install slave / secondary node for high availability in jump server
    Viewed 1216 times since Wed, Jun 14, 2017
    What operating systems and platforms are supported to install jump server?
    Viewed 1589 times since Wed, Jun 14, 2017
    Can i install the ssh jumpbox behind a firewall?
    Viewed 1225 times since Wed, Jun 14, 2017
    How to secure SSH jump server / SSH bastion host / SSH gateway
    Viewed 2289 times since Thu, Jun 15, 2017
    How to add a ssh gateway user in ezeelogin ?
    Viewed 258 times since Tue, Sep 18, 2018
    Upgrade Jump server or Bastion host installation?
    Viewed 1817 times since Thu, Aug 24, 2017
    The IP field must contain a valid public IP or how to install Ezeelogin on a machine in lan
    Viewed 1512 times since Wed, Jun 14, 2017
    Add a Linux server or a Linux instance into the Ezeelogin ssh jumphost?
    Viewed 823 times since Fri, Feb 23, 2018