Upgrade Ezeelogin Jump server to the latest version

Upgrade Ezeelogin jump server on Primary / Master Node

If you are running Version 5.x.x, you would first need to upgrade to Version 6.0.x before upgrading to Version 7.0.x.

  • To upgrade to Version 6.0.x, download 6.0.0 and upgrade to Version 6.0.0 first.
  • To upgrade to Version 7.0.x, download 7.0.x and upgrade

If you are already running Version 6.x.x, you would first need to upgrade to Version 7.0.x before upgrading to Version 7.1.6 

  • To upgrade to Version 7.0.x, download 
  •   Once you have upgraded to Version 7.0.0, download version 7.1.6 or latest from the portal on to your gateway server.

If you are already running Version 7.x.x ,you can upgrade to latest Version 

 

Check out the latest system requirements

You are required to upgrade your Ioncube encoder to the latest version 6 and above. Refer the following article to upgrade Ioncube to the latest.

It is recommended to have the secondary node configured and synchronized (cluster setup) to ensure that we can still login to servers via the secondary node and not locked out in the event of an unsuccessful upgrade.

 


Backup current Ezeelogin installation 

Execute the following script on your server to generate a backup of your installation so that you can restore the backup in case the upgrade breaks.Run /usr/local/sbin/backup_ezlogin.php -help for help menu. 

root@gateway:~$/usr/local/sbin/backup_ezlogin.php

The directory /var/log/ezlogin stores the user ssh sessions  that is recorded. This dir could run into huge size ( 1GB >) which would cause the backup_ezlogin.php script to take long to complete ( The ssh logs recorded has to be tar 'red and the gzip 'ed compressed which is time and resource intensive) .  In such, cases its advisable to skip the ssh logs directory while running the backup _ezlogin.php script as follows so that a backup archive is created super quick.

          [root@gateway ~]#  /usr/local/sbin/backup_ezlogin.php -nologs

By default, the backup archives are created in /var/ directory. To change the destination directory,  use 

           [root@gateway ~]#php /usr/local/sbin/backup_ezlogin.php -out /backup_directory/


This would create a executable archive of your ezeelogin installation in /var/ezlogin_backup_v6.2.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin

Execute the backup bin file to restore if something goes wrong and you would like to revert. 

Ok, now that we have the backups ready, let go ahead with the update on the primary node as follows, preferably in screen

You can check the  /var/log/ezlogin_backup.log to see if there are any errors occurred during the backup process.



Upgrading Ezeelogin jump server 

 To upgrade ezeelogin, download and run the ezeelogin setup file as follows

Refer the article if you are upgrading PHP.  Upgrading PHP along with Ezeelogin upgrade
Refer the article if you get the error ERROR db user: Incorrect datetime value: ’0000-00-00 00:00:00’ for column ’expiry’ at row 1

root@gateway:~$ sh ezlogin_7.x.x.bin -- -update

Follow the onscreen prompts to complete the upgrade.

To upgrade in one step with your existing settings and without being prompted.  Be ready with mysql root password if not in /root/.my.cnf

[root@gateway~]#  sh ezlogin_7.15.0._x_x.bin --  -skipgeolite    -auto -force   -ACCEPT_SETTINGS    -I_ACCEPT_EULA   -update

To upgrade in one step and to prevent the backup_ezlogin.php script from generating a backup again. Be ready with mysql root password if not in /root/.my.cnf

[root@gateway ~]#   sh ezlogin_7.15.0._x_x.bin --  -skipgeolite    -auto -force   -ACCEPT_SETTINGS    -I_ACCEPT_EULA   -skipbackup -update

Login into the GUI, ezsh shell and remote servers to ensure that primary node has been upgraded successfully.

Refer ezsh shell disallowed article if you get the error on ssh to the upgraded ssh jump server. 

You can check the  /var/log/ezlogin_update.log to see if there are any errors occurred while upgrading ezeelogin.

 

Restoring Ezeelogin jump server from backup 


If something is broken after the upgrade, no worries. We will restore the backup from the archive that was created. You would first need to uninstall the current installation on the gateway. Run the following script to uninstall

 

root@gateway:~$ /usr/local/sbin/uninstall_ezlogin.php


Now that we have uninstalled, we can go ahead restore the binary backup archive that was created.

sh /var/ezlogin_backup_v7.0.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin

 

If you want to do the restore in one step with your existing settings and without being prompted.

 

sh ezlogin_backup_v7.9.0_b381_Wed_Feb_13_2019_23_26_03_IST.bin  -- -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA

 Replace the backup filename with your backup file. Follow the onscreen prompts to complete the restoration.

Increase php memory in /etc/php.ini if  backup restoration fails without  any reasons. Do check /var/log/ezlogin_restore.log for errors.




Upgrading Ezeelogin jump server on the Secondary Node
 

Unfortunately, the secondary nodes needs to be re-installed and we are working toward a seamless secondary upgrade as well. 

On the secondary node do the following to set it up again.

  • Uninstall ezeelogin with following command

    root@gateway:~$ /usr/local/sbin/uninstall_ezlogin.php

  • Download the same package used for the primary

    wget https://downloads.ezeelogin.com/ezlogin_7.x.x.bin

     

  • Execute the following command

    sh ezlogin_7.x.x.bin -- -secondary <ip_adress of the secondary/slave node> -othernode <ip_address of master node>

 

Refer the following article to setup secondary node.

 

3 (2)
Article Rating (2 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Install slave / secondary node for high availability in jump server
    Viewed 3700 times since Wed, Jun 14, 2017
    How to install ioncube on jump server?
    Viewed 21201 times since Wed, Jun 14, 2017
    How to install Ezeelogin with a standalone license ?
    Viewed 184 times since Tue, Mar 10, 2020
    How to secure SSH jump server / SSH bastion host / SSH gateway
    Viewed 5474 times since Thu, Jun 15, 2017
    Enable SSH Key based authentication and Disable Password Authentication in ssh
    Viewed 219 times since Tue, Apr 21, 2020
    The IP field must contain a valid public IP or how to install Ezeelogin on a machine in lan
    Viewed 3495 times since Wed, Jun 14, 2017
    Installing Jump server or Bastion host on a linux host in Google or AWS instance ?
    Viewed 3000 times since Thu, Sep 21, 2017
    How to renew/update standalone license ?
    Viewed 444 times since Thu, Feb 27, 2020
    What operating systems and platforms are supported to install jump server?
    Viewed 3482 times since Wed, Jun 14, 2017