setup web ssh console in ezeelogin and ssh via browser
This feature is available from Ezeelogin 7.4.1 and above only. This feature lets you ssh using browser and does not need a ssh terminal.
[root@camry ~]# curl -sL https://rpm.nodesource.com/setup_9.x |bash -
[root@camry ~]# node -v
In Ubuntu 16.1
root@ubu16:~# node -v
Make sure to enable 2factor authentication and install the ssl as outlined below for the webshell icon to be visible.
On the ssh jump host, do the following
To ensure ssl for the browser tab that opens up the web ssh console, generate a self-signed cert with following command
root@jumpserver:~# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem
Or put a valid ca, cert and key in the files: /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem & /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key file to .pem file
Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache etc. Easy way to grant the webuser read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
Also, ensure that password authentication is enabled from localhost alone in the sshd configuration file( /etc/sshd/sshd_config ) on the jump server.Add the following parameters to the END of /etc/sshd/sshd_config file.
Match Address 127.0.0.1
Ensure that the user or the Usergroup has the privilege to access the webshell feature. Grant it as follows. Access Control->UserGroup-Action-><select user group->Servers->web ssh Console
Click on the Web SSH Console feature under the Servers tab
The web ssh console would open on browser tab and will look as shown below.