How to use web portal proxy in ezeelogin ?

How to enable web portal with the " use proxy " feature in Ezeelogin?

This feature enables the users to use the Ezeelogin gateway server itself as the proxy server while accessing the web portal. 

1. Install nodejs   using npm and n module

On Centos 7

root@localhost:~ yum install epel-release

root@localhost:~ yum install npm

On Ubuntu 16/18 and Debian 10

root@localhost:~ apt install npm

On Ubuntu 20
root@localhost:~  apt-get update
root@localhost:~  apt install npm

 

2. Install n, Node’s version manager:
If you are not using SSL, you need to set the repo to HTTP by running :

root@localhost:~ npm config set registry  http://registry.npmjs.org/

root@localhost:~  npm install -g n

 

 3. Install node by running :

   To install the latest version: 

root@locallhost:~ n latest
 
To install the corresponding version :  

root@localhost:~ n version.number

For example, the below command will install node 14 
 

root@localhost:~ n 14

 Run the following  command to install node without SSL 
 

root@localhost:~ n --insecure latest   

 To switch between node versions run the following command and refer to the given screenshot.

root@localhost:~  n  

 
 
 
Install the following dependency modules in the gateway server

In  centos
 

[root@centos /]#    yum -y install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc

In Ubuntu
 

 

root@ubuntu:/#       sudo apt-get install gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils libgbm-dev wget
 

 Once installed, ensure that the path to the node binary is specified correctly under  Settings->General->Miscellaneous->Nodejs  Command. The Web SSH Port variable is configurable. Ensure that the port entered here is open for inbound traffic as well.
 
 

The  NodeJS Command field should have the path to the node or nodejs binary which usually is  /usr/bin/node  in the case of  Centos7  and  /usr/bin/nodejs  in the case of  Ubuntu 14-04

Note: Ensure that the node version is 12 and above. Also, make sure the kernel version is 4 and above in the gateway server 

 
 
2. Make sure to  enable 2factor authentication  and install the SSL as outlined below for the webshell icon to be visible.

         To ensure SSL for the browser tab that opens up the web portal, generate  a self-signed cert  with the following command on the jump server/gateway server.

root@jumpserver:~# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem 

 
Or put a valid ca, cert and key in the files: /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem & /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key file to .pem file.  
 
Also, make sure that the .pem files are readable by the web server user such as nobody/www-root/apache, etc. An easy way to grant the webuser read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
 

3. Install the NodeJS modules dependencies for the WebSSH Console Application.

cd $(awk '/^system_folder/ {print $2}' /usr/local/etc/ezlogin/ez.conf)/application/external/ezproxy/&& npm install

 
 
4. Add web portal and enable the " use proxy"  feature as follows
 
 
 4. Click on the arrow button to load the Web Portal with Useproxy enabled

 
 
Troubleshooting 



  • Ensure that Node version is above 14, Kernal >= 4 and NPM Version is >=5      

[root@jump-host]# npm -v

6.14.6

[root@jump-host]# node -v

v14.10.0    

  To get more detailed errors , append log_level trace  in ez.conf.  
 
Kill the current running node 

root@jump-host:~#  pkill node

Access the web portals and check the application logs under  {system folder}/applicaton/logs/ , ( for example, /var/www/ezlogin/application/logs/log-2020-12-16.php )     to get the command to manually start the web portals. 
 

Note: Append  DEBUG=*   at the beginning of the command which you've got from the application logs. 

 
For example 

root@jump-host:~#  DEBUG=* PORT=52666 XFWD=1 WS=1 SESSION_TIMEOUT=300000 REQUEST_TIMEOUT=120000 DBP='94Y6[@MhW]@Qb' node /var/www/ezlogin/application/external/ezproxy/index.js

 

Webportal proxy may not work in all cases such as when the login is javascript based or when it uses certain dynamic security tokens.The screenshot below shows an example of JSON based webportal:

  

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    How to change the default backup directory of Ezeelogin installation ?
    Viewed 683 times since Mon, Apr 6, 2020
    How do I change the password management option for all remote servers ?
    Viewed 394 times since Wed, Jul 22, 2020
    Installing Jump server or Bastion host on a linux host in Google or AWS instance ?
    Viewed 20817 times since Thu, Sep 21, 2017
    How to stream the ssh sessions in real time?
    Viewed 5243 times since Wed, Nov 22, 2017
    header1 : ERROR db gwactivity_logs: Incorrect string value: ’\xDDerrsssi...’ for column ’status’ at row 1"
    Viewed 276 times since Tue, Nov 24, 2020
    Add custom fields on server add form
    Viewed 1452 times since Wed, Mar 27, 2019
    Integrate Ezeelogin SSH Jump host with ELK for SIEM
    Viewed 299 times since Thu, Nov 26, 2020
    Can I use Google 2FA, Yubikey , DUO simultaneously?
    Viewed 4054 times since Thu, Dec 14, 2017
    How to reset Ezeelogin admin user password on new customer portal ?
    Viewed 1243 times since Fri, Jan 18, 2019
    How to retreive db credentials?
    Viewed 669 times since Wed, Apr 29, 2020