How can i restrict IP’s to access the ezeelogin portal?

357 Manu Chacko March 28, 2023 Security Features 1961

Restrict IP's to access the ezeelogin portal?

You can limit/restrict the IPs from which the User can connect to Ezeelogin ssh gateway server.

Login to Ezeelogin Webportal > Users > Edit user > Enable Limit IPs
Add the IP / IP ranges of the ssh gateway user. IPs can be specified both individually or in CIDR format.

You can enter IP addresses, one on each line.

IPv4 ranges can be specified using hyphen in the format : 10.10.3.40-45(only the last octet can be used to specify the range)

How to enable IP restriction for all users?

Run the following command to enable IP restriction(limit IP)

root@jumpserver:~# /usr/local/ezlogin/ez_queryrunner.php "UPDATE prefix_users SET ip_enable='Y'";
root@jumpserver:~#/usr/local/ezlogin/ez_queryrunner.php "REPLACE into prefix_user_ips (user_id,ip) SELECT id, 'IP ADDRESS' as ip from prefix_users";

Replace the IP ADDRESS with the one that needs to be restricted.

Example:

root@jumpserver:~# /usr/local/ezlogin/ez_queryrunner.php "REPLACE into tkdd_user_ips (user_id,ip) SELECT id, '5.5.5.5' as ip from tkdd_users";

How to disable IP restriction for all users?

Run the following command to disable IP restriction(limit IP)

root@jumpserver:~#/usr/local/ezlogin/ez_queryrunner.php "UPDATE prefix_users SET ip_enable='N', status=1";

2 people found this article helpful what about you?