How to prevent passwords from being recorded using SSH session recording feature?

To ensure that passwords are not recorded when ssh session recording feature is enabled on the ssh gateway server, simply set the "SSH session recording" to Output only which means only STDOUT is recorded. This would record only what is displayed on the users screen or terminal which is the STDOUT, so the user input when he runs a command on the ssh session and the output of the command executed is recorded. This is a must for meeting security compliance like PCI DSS, HIPPA, SOC, SOC2, FFIEC, NERC, NIST, CIP, ISO 27001.

Follow the below steps to choose the ssh session recording mode

>> Login to webGUI

>> Settings--> General Settings

>> Select the 'SSH Session Logging' mode as 'Output'

>> Save

Note : 

Output     - Refer to the STDOUT file descriptor in linux. In this mode, what you see on your screen is recorded.

Input       - Refers to the STDIN  file descriptor in linux. In this mode,only what you type on the keyboard is recorded, hence when you set a password which is not visible in your monitor gets recorded. Avoid this mode of recording if you DO NOT want the passwords to be recorded.

Both        - In this mode both, the STDIN and STDOUT is recorded.

Refer the screenshot