setup web ssh console in ezeelogin and ssh via browser

This feature is available from Ezeelogin 7.4.1 and above only. This feature lets you ssh using browser and does not need a ssh terminal.

 
White list your ip address from which you are accessing ,as certain firewall programs may detect the traffic to the port (52222) ( set it up as shown below in the article )  as an anomaly and block your ip, thus blocking  your access to ssh gateway.  
If you are upgrading Ezeelogin ssh gateway software from any version below 7.4.0 then you will have to reset ezeelogin gateway users password within the GUI otherwise you will get black blank screen on accessing web ssh.
Ensure that version of nodejs  is greater than 6.0.0. The web shell will not work if the version is <6.0.0. Check the node version using the command node -v
You can always use ssh clients like Putty in Windows, Terminal in MAC, Konsole,Xterm etc in Linux and ssh to the gateway. 

ssh -p <portnumber <admin_user>@<gateway-ip> would log you in.

 
Web Shell will work only if the web interface is accessed via HTTPS and  uses 2FA to login. Refer Enforce 2FA or Enable Google 2FA and Enforce Https

In CentOS 6

[[email protected] ~]# curl -sL https://rpm.nodesource.com/setup_9.x |bash -

[[email protected] ~]# yum install -y nodejs

[[email protected] ~]# node -v
v9.5.0


In CentOS 7

 [[email protected] /]# yum -y install nodejs

 [[email protected] /]# node -v

v6.12.0


In Ubuntu 14.04

[email protected]:/# curl -sL https://deb.nodesource.com/setup_9.x |bash -

[email protected]:/# apt-get install nodejs

[email protected]:~# node -v

v9.4.0

 

In Ubuntu 16.1

[email protected]:/# curl -sL https://deb.nodesource.com/setup_9.x |bash -

[email protected]:/# apt-get install nodejs

[email protected]:~# node -v

v9.4.0

 

 

In Ubuntu 18

apt-get install nodejs

/usr/bin/node -v

 v8.10.0

 

Once installed, ensure that the path to the node binary is specified correctly under Settings->Generalsettings->Miscellaneous->Nodejs Command. The Web SSH Port variable is configurable. Ensure that port entered here is open for inbound traffic as well.

webshell

The  NodeJS Command field should have the path to the node or nodejs binary which usually is /usr/bin/node in the case of Centos7 and /usr/bin/nodejs in the case of Ubuntu 14-04

Ensure that inbound tcp traffic on port 52222 is open as nodejs server listens on this port. The command 'which node' or  'which nodejs' or 'whereis nodejs'  , 'whereis node' would give you the path to the node binary. Run 'node -v/nodejs -v' and ensure that the version of node to be used is above 6.0.0

 

Make sure to enable 2factor authentication and install the ssl as outlined below for the webshell icon to be visible.

On the ssh jump host, do the following

To ensure ssl for the browser tab that opens up the web ssh console, generate a self-signed cert with following command

[email protected]:~# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem 

Or put a valid ca, cert and key in the files: /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem & /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key file to .pem file

 

Also, ensure that password authentication is enabled from localhost alone in the sshd configuration file( /etc/sshd/sshd_config ) on the jump server.Add the following parameters to the END of /etc/sshd/sshd_config file.

Match Address 127.0.0.1

PermitRootLogin yes

PubkeyAuthentication yes

PasswordAuthentication yes

  

Ensure that the user or the Usergroup has the privilege to access the webshell feature. Grant it as follows. Access Control->UserGroup-Action-><select user group->Servers->web ssh Console

web-shell-acl

webshell-acl

 

Click on the Web SSH Console feature under the Servers tab

web ssh

 

The web ssh console  would open on browser tab and will look as shown below.

 

web shell

4 (3)
Article Rating (3 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
    Viewed 2725 times since Tue, Jan 2, 2018
    Class ’DOMDocument’ not found
    Viewed 381 times since Thu, Oct 25, 2018
    How do i configure Ezeelogin to authenticate using OpenLdap or Window AD server?
    Viewed 1839 times since Wed, Jan 24, 2018
    Configure Automatic su or sudo
    Viewed 2938 times since Thu, Jun 15, 2017
    Can’t connect to local MySQL server through socket ’3306 ’ in ezsh.log
    Viewed 1454 times since Thu, Jun 15, 2017
    Connection has been closed. Another user may have logged in on the remote windows machine
    Viewed 1875 times since Thu, Jun 15, 2017
    Setting session time out for the webinterface
    Viewed 2289 times since Wed, Jun 14, 2017
    "Blank page" error in webssh console
    Viewed 1142 times since Tue, Jan 30, 2018
    Configuration and error log files to check for troubleshooting
    Viewed 3492 times since Thu, Jun 15, 2017
    Internal command ezinfo or ezlist does not work even though i am in the admins group.
    Viewed 2202 times since Thu, Nov 23, 2017