Upgrade Ezeelogin Jump server to the latest version
Upgrade Ezeelogin jump server on Primary / Master Node
If you are running Version 5.x.x, you would first need to upgrade to Version 6.0.x before upgrading to Version 7.0.x.
- To upgrade to Version 6.0.x, download 6.0.0 and upgrade to Version 6.0.0 first.
- To upgrade to Version 7.0.x, download 7.0.x and upgrade
If you are already running Version 6.x.x, you would first need to upgrade to Version 7.0.x before upgrading to Version 7.1.6
- To upgrade to Version 7.0.x, download
- Once you have upgraded to Version 7.0.0, download version 7.10.0 or the latest from the customer portal.
Download the ezeelogin package corresponding to your PHP version.
| For PHP version 7.1 and above (recommended): | https://downloads.ezeelogin.com/ezlogin_7.10.0_php71.bin |
| For PHP version 5.6 to 7.0 (deprecated): | https://downloads.ezeelogin.com/ezlogin_7.10.0_php56-70.bin |
| For PHP version 5.3 to 5.5 (end of life): | https://downloads.ezeelogin.com/ezlogin_7.10.0_php53-55.bin |
If you are already running Version 7.10.x, you can upgrade to the latest version. The latest version of Ezeelogin can be downloaded from your customer portal area.
Check out the latest system requirements
You are required to upgrade your Ioncube encoder to the latest version 6 and above. Refer to the following article to upgrade Ioncube to the latest.
It is recommended to have the secondary node configured and synchronized (cluster setup) to ensure that we can still log in to servers via the secondary node and not be locked out in the event of an unsuccessful upgrade.
Backup current Ezeelogin installation
Execute the following script on your server to generate a backup of your installation so that you can restore the backup in case the upgrade breaks. Run /usr/local/sbin/backup_ezlogin.php -help for the help menu.
[email protected]_gateway:~$/usr/local/sbin/backup_ezlogin.php
The directory /var/log/ezlogin stores the user ssh sessions that are recorded. This dir could run into huge size ( 1GB >) which would cause the backup_ezlogin.php script to take long to complete ( The ssh logs recorded has to be tar 'red and the gzip 'ed compressed which is time and resource intensive). In such, cases its advisable to skip the ssh logs directory while running the backup _ezlogin.php script as follows so that a backup archive is created super quickly.
[[email protected]_gateway ~]# /usr/local/sbin/backup_ezlogin.php -nologs
By default, the backup archives are created in /var/ directory. To change the destination directory, use
[[email protected]_gateway ~]#php /usr/local/sbin/backup_ezlogin.php -out /backup_directory/
This would create an executable archive of your ezeelogin installation in /var/ezlogin_backup_v6.2.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin
Execute the backup bin file to restore if something goes wrong and you would like to revert.
Ok, now that we have the backups ready, let go ahead with the update on the primary node as follows, preferably in the screen
Check the /var/log/ezlogin_backup.log for any errors that occurred during the backup process.
Upgrading Ezeelogin jump server
To upgrade ezeelogin, download and run the ezeelogin setup file as follows
[email protected]_gateway:~$ sh ezlogin_7.x.x.bin -- -update
Follow the onscreen prompts to complete the upgrade.
To upgrade in one step with your existing settings and without being prompted. Be ready with mysql root password if not in /root/.my.cnf
-dbsuser <username> : Specify database super (root) user name
-dbspass <password> : Specify database super (root) user password
[[email protected]~]# sh ezlogin_7.15.0._x_x.bin -- -dbsuser <enter db (root)username> -dbspass <enter-_(root)db_password> -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA -update
To upgrade in one step and to prevent the backup_ezlogin.php script from generating a backup again. Be ready with mysql root password if not in /root/.my.cnf
[[email protected] ~]# sh ezlogin_7.15.0._x_x.bin -- -dbsuser <enter (root)db username> -dbspass <enter_(root)db_password> -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA -skipbackup -update
Frequently occurring issues after the upgrade.
Refer remote host identification changed article to reset fingerprint on all remote servers.
Refer remote host identification changed article to reset the fingerprint of the gateway machine to add or edit users.
Refer view/hide IP address article to grant the privilege to view the IP of remote servers. (This feature is available from 7.29.2)
Refer configure DUO article if you get "invalid_grant" or "An Error Was Encountered" in Ezeelogin GUI.
Refer your system folder path does not appear to be set correctly article to correct the file permissions.
Refer Error while logging into Ezeelogin GUI article if get the login expired error in Ezeelogin software GUI
Check the /var/log/ezlogin_update.log for any errors that occurred during the upgrade.
[email protected]:~# php /usr/local/ezlogin/eztool.php -install_node_modules
Restoring Ezeelogin jump server from backup
If something is broken after the upgrade, no worries. We will restore the backup from the archive that was created. You would first need to uninstall the current installation on the gateway. Run the following script to uninstall
[email protected]_gateway:~# cp /usr/local/etc/ezlogin /usr/local/etc/ezlogin_backup
[email protected]_gateway:~# cp /var/log/ezlogin var/log/ezlogin_backup
[email protected]_gateway:~$ /usr/local/sbin/uninstall_ezlogin.php
Now that we have uninstalled it, we can go ahead and restore the binary backup archive that was created.
[email protected]_gateway:~$sh /var/ezlogin_backup_v7.0.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin
If you want to do the restore in one step with your existing settings and without being prompted.
Replace the backup filename with your backup file. Follow the onscreen prompts to complete the restoration.
Increase PHP memory in /etc/php.ini if backup restoration fails without any reason. Do check /var/log/ezlogin_restore.log for errors.
Refer to the following article to restore ssh logs if you have skip logs while backup ezeelogin.
Upgrading Ezeelogin jump server on the Secondary Node
For Ezeelogin Version 7.23.0 and above
This option will support only from Ezeelogin version 7.23.0 and above.
You can upgrade secondary node with following command
You should upgrade slave node only after upgrading master node. If slave node once upgraded, you should need to upgrade master before upgrading slave node again.
For Ezeelogin Version 7.22.0 and below
Unfortunately, the secondary nodes need to be re-installed for ezeelogin version 7.22.0 and below
- Backup ezeelogin configuration file directory and ssh logs directory before uninstall
[email protected]_gateway:~# cp /usr/local/etc/ezlogin /usr/local/etc/ezlogin_backup
[email protected]_gateway:~# cp /var/log/ezlogin /var/log/ezlogin_backup
- Uninstall ezeelogin with following command
[email protected]_gateway:~$ /usr/local/sbin/uninstall_ezlogin.php
- Download the same package used for the primary
-
Execute the following command
Copy the lic.dat from the /usr/local/etc/ezlogin_backup to /usr/local/etc/ezlogin directory if you are using the standalone license. Also, copy tls_cert.pem and tls_key.pem to /usr/local/etc/ezlogin directory, if you are using webssh, ezproxy or webrdp feature
Refer to the following article to set up a secondary node.