setup web ssh console in ezeelogin and ssh via browser
This feature is available from Ezeelogin 7.4.1 and above only. This feature lets you ssh using browser and does not need a ssh terminal.
[root@camry ~]# curl -sL https://rpm.nodesource.com/setup_9.x |bash -
[root@camry ~]# node -v
In Ubuntu 16.1
root@ubu16:~# node -v
Alternatively you can install node using npm and n module
1. Install n, Node’s version manager:
If you are not using ssl, you need to set the repo to http by running : npm config set registry http://registry.npmjs.org/
For n module use insecure to install without ssl : n --insecure latest
Make sure to enable 2factor authentication and install the ssl as outlined below for the webshell icon to be visible.
On the ssh jump host, do the following
To ensure ssl for the browser tab that opens up the web ssh console, generate a self-signed cert with following command
root@jumpserver:~# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem
Or put a valid ca, cert and key in the files: /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem & /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key file to .pem file
Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache etc. Easy way to grant the webuser read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
Also, ensure that password authentication is enabled from localhost alone in the sshd configuration file( /etc/sshd/sshd_config ) on the jump server.Add the following parameters to the END of /etc/sshd/sshd_config file.
Match Address 127.0.0.1
Ensure that the user or the Usergroup has the privilege to access the webshell feature. Grant it as follows. Access Control->UserGroup-Action-><select user group->Servers->web ssh Console
Click on the Web SSH Console feature under the Servers tab
The web ssh console would open on browser tab and will look as shown below.