Prevent passwords from being recorded when ssh session recording is enabled

To ensure that passwords are not recorded when ssh session recording feature is enabled on the ssh gateway server, simply set the ssh session recording to Output only which means only STDOUT is recorded. This would record only what is displayed on the users screen or terminal which is the STDOUT, so the user input when he runs a command on the ssh session and the output of the command executed is recorded. This is a must for meeting security compliance like PCI DSS, HIPPA, SOC, SOC2, FFIEC, NERC, NIST, CIP, ISO 27001.

 

Navigate to Settings->General->SSH Session Logging to select ssh session recording mode.

ssh session recording

 

Output - Refer to the STDOUT file descriptor in linux. In this mode, what you see on your screen is recorded.

Input- Refers to the STDIN  file descriptor in linux. In this mode,only what you type on the keyboard is recorded, hence when you set a password which is not visible in your monitor gets recorded. Avoid this mode of recording if you DO NOT want the passwords to be recorded.

Both- In this mode both, the STDIN and STDOUT is recorded.

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Set SSH User Expiry
    Viewed 2310 times since Thu, Sep 20, 2018
    record ssh sessions
    Viewed 7447 times since Fri, May 4, 2018
    How to install and configure Eztunnel?
    Viewed 85 times since Mon, Nov 9, 2020
    How to change the private key in use and change the default public key in use?
    Viewed 4037 times since Fri, Dec 1, 2017
    Can I use Google 2FA, Yubikey , DUO simultaneously?
    Viewed 3959 times since Thu, Dec 14, 2017
    How to stream the ssh sessions in real time?
    Viewed 5106 times since Wed, Nov 22, 2017
    Enforcing ssh login shell for ssh gateway users selectively in sshd_config file
    Viewed 462 times since Fri, Sep 4, 2020
    Configure DUO 2FA in Ezeelogin SSH jumphost
    Viewed 3339 times since Thu, Nov 23, 2017
    encryption used in ezeelogin use to secure information stored
    Viewed 2633 times since Thu, Jun 15, 2017
    encryption type used for securing users ssh logs in ezeelogin
    Viewed 2103 times since Thu, Jun 15, 2017