Configure four eyes authorization

165 admin July 12, 2024 Security Features, Two Factor Authentication ( 2FA ) 6380

How to configure Four eyes authorization in Ezeelogin?

Overview:This article helps Ezeelogin admin users on configuring four-eye authorization, so that the gateway user would have to be authorized by another user with four eyes authorization privilege in access control to view the SSH logs of any user.

Four-eye authorization in Ezeelogin is used to view the recordings of any user with only two-factor authentication.

Step 1: Login to Ezeelogin GUI -> Settings -> General -> Security -> Four eyes authorization

Step 2: Make sure Four Eyes Authorization Privilege is enabled for the user who would be granting access to view ssh logs. Go to Access Control-> User-Action and grant the user Four Eye Authorization Privilege.

Step 3: Ensure that one of the two-factor authentication methods Google 2FA, Yubikey, or DUO Security is configured for the four eyes authorizing user. Refer below example to setup Google 2FA.

Step 4: After configuring four eyes authorization for viewing ssh logs, navigate to Users -> SSH Logs -> select user and server -> View SSH Log

Step 5: To view the SSH logs, the name and two-factor code of the user with four-eye authorization privileges must be entered.

Step 6: The user will now be able to view the SSH log with four eyes authorization.

Related Articles:

Record ssh sessions

Viewing SSH Logs History for an SSH Gateway User in the Ezeelogin Web GUI

Is it possible to view all ssh logs of a deleted user ?

View SSH logs of all users

2 people found this article helpful what about you?