Upgrade Ezeelogin jump server on Primary / Master Node

If you are running Version 5.x.x, you would first need to upgrade to Version 6.0.x before upgrading to Version 7.0.x.

To upgrade to Version 6.0.x, download 6.0.0 and upgrade to Version 6.0.0 first.

http://downloads.ezeelogin.com/ezlogin_6.0.0.bin

To upgrade to Version 7.0.x, download 7.0.x and upgrade

http://downloads.ezeelogin.com/ezlogin_7.0.0.bin

If you are already running Version 6.x.x, you would first need to upgrade to Version 7.0.x before upgrading to Version 7.1.6

To upgrade to Version 7.0.x, download

http://downloads.ezeelogin.com/ezlogin_7.0.0.bin

Once you have upgraded to Version 7.0.0, download version 7.10.0 or latest from the customer portal .

Download the ezeelogin package corresponding to your php version.

For PHP version 7.1 and above (recommended):	https://downloads.ezeelogin.com/ezlogin_7.10.0_php71.bin
For PHP version 5.6 to 7.0 (deprecated):	https://downloads.ezeelogin.com/ezlogin_7.10.0_php56-70.bin
For PHP version 5.3 to 5.5 (end of life):	https://downloads.ezeelogin.com/ezlogin_7.10.0_php53-55.bin

If you are already running Version 7.10.x , you can upgrade to latest Version

Check out the latest system requirements

https://www.ezeelogin.com/user_manual/Systemrequirements.html

You are required to upgrade your Ioncube encoder to the latest version 6 and above. Refer the following article to upgrade Ioncube to the latest.

How do I install ioncube on server?

It is recommended to have the secondary node configured and synchronized (cluster setup) to ensure that we can still login to servers via the secondary node and not locked out in the event of an unsuccessful upgrade.

Install-slave-secondary-node-for-high-availability-in-jump-server

Backup current Ezeelogin installation

Execute the following script on your server to generate a backup of your installation so that you can restore the backup in case the upgrade breaks.Run /usr/local/sbin/backup_ezlogin.php -help for help menu.

[email protected]_gateway:~$/usr/local/sbin/backup_ezlogin.php

The directory /var/log/ezlogin stores the user ssh sessions that is recorded. This dir could run into huge size ( 1GB >) which would cause the backup_ezlogin.php script to take long to complete ( The ssh logs recorded has to be tar 'red and the gzip 'ed compressed which is time and resource intensive) . In such, cases its advisable to skip the ssh logs directory while running the backup _ezlogin.php script as follows so that a backup archive is created super quick.

[[email protected]_gateway ~]# /usr/local/sbin/backup_ezlogin.php -nologs

By default, the backup archives are created in /var/ directory. To change the destination directory, use

[[email protected]_gateway ~]#php /usr/local/sbin/backup_ezlogin.php -out /backup_directory/

This would create a executable archive of your ezeelogin installation in /var/ezlogin_backup_v6.2.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin

Execute the backup bin file to restore if something goes wrong and you would like to revert.

Ok, now that we have the backups ready, let go ahead with the update on the primary node as follows, preferably in screen

Check the /var/log/ezlogin_backup.log for any errors that occurred during the backup process.

Upgrading Ezeelogin jump server

To upgrade ezeelogin, download and run the ezeelogin setup file as follows

Refer the article if you are upgrading PHP. Upgrading PHP along with Ezeelogin upgrade

Refer the article if you get the error ERROR db user: Incorrect datetime value: ’0000-00-00 00:00:00’ for column ’expiry’ at row 1

[email protected]_gateway:~$ sh ezlogin_7.x.x.bin -- -update

Follow the onscreen prompts to complete the upgrade.

To upgrade in one step with your existing settings and without being prompted. Be ready with mysql root password if not in /root/.my.cnf

-dbsuser <username> : Specify database super (root) user name
-dbspass <password> : Specify database super (root) user password

[[email protected]~]# sh ezlogin_7.15.0._x_x.bin -- -dbsuser <enter db (root)username> -dbspass <enter-_(root)db_password> -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA -update

To upgrade in one step and to prevent the backup_ezlogin.php script from generating a backup again. Be ready with mysql root password if not in /root/.my.cnf

[[email protected] ~]# sh ezlogin_7.15.0._x_x.bin -- -dbsuser <enter (root)db username> -dbspass <enter_(root)db_password> -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA -skipbackup -update

Refer ezsh shell disallowed article if you get the error on ssh to the upgraded ssh jump server.

Refer No Two-factor Authentication enabled article if you get the error while login to webpanel after upgrade.

Check the /var/log/ezlogin_update.log for any errors that occurred during the upgrade.

If you are using WEBSSH, WEBRDP OR EZPROXY on Webportal please enter the following command to update the node modules

[email protected]:~# php /usr/local/ezlogin/eztool.php -install_node_modules

Restoring Ezeelogin jump server from backup

If something is broken after the upgrade, no worries. We will restore the backup from the archive that was created. You would first need to uninstall the current installation on the gateway. Run the following script to uninstall

Backup ezeelogin configuration file directory and ssh logs before uninstall

[email protected]_gateway:~# cp /usr/local/etc/ezlogin /usr/local/etc/ezlogin_backup

[email protected]_gateway:~# cp /var/log/ezlogin var/log/ezlogin_backup

roo[email protected]_gateway:~$ /usr/local/sbin/uninstall_ezlogin.php

Now that we have uninstalled, we can go ahead restore the binary backup archive that was created.

[email protected]_gateway:~$sh /var/ezlogin_backup_v7.0.0_b167_Fri_Mar_02_2012_04_23_22_CST.bin

If you want to do the restore in one step with your existing settings and without being prompted.

[email protected]_gateway:~sh ezlogin_backup_v7.9.0_b381_Wed_Feb_13_2019_23_26_03_IST.bin  -- -skipgeolite -auto -force -ACCEPT_SETTINGS -I_ACCEPT_EULA

Replace the backup filename with your backup file. Follow the onscreen prompts to complete the restoration.

Increase php memory in /etc/php.ini if backup restoration fails without any reasons. Do check /var/log/ezlogin_restore.log for errors.

Upgrading Ezeelogin jump server on the Secondary Node

For Ezeelogin Version 7.23.0 and above

This option will support only from Ezeelogin version 7.23.0 and above.

You can upgrade secondary node with following command

[email protected]_gateway:~ sh ezlogin_7.x.x.bin -- -secondary <ip_adress of the secondary/slave node> -othernode <ip_address of master node> -update

You should upgrade slave node only after upgrading master node. If slave node once upgraded, you should need to upgrade master before upgrading slave node again.

For Ezeelogin Version 7.22.0 and below

Unfortunately, the secondary nodes needs to be re-installed for ezeelogin version 7.22.0 and below

Backup ezeelogin configuration file directory and ssh logs directory before uninstall

[email protected]_gateway:~# cp /usr/local/etc/ezlogin /usr/local/etc/ezlogin_backup

[email protected]_gateway:~# cp /var/log/ezlogin /var/log/ezlogin_backup
Uninstall ezeelogin with following command

[email protected]_gateway:~$ /usr/local/sbin/uninstall_ezlogin.php
Download the same package used for the primary

wget https://downloads.ezeelogin.com/ezlogin_7.x.x.bin
Execute the following command

[email protected]_gateway:~sh ezlogin_7.x.x.bin -- -secondary <ip_adress of the secondary/slave node> -othernode <ip_address of master node>

Copy the lic.dat from the /usr/local/etc/ezlogin_backup to /usr/local/etc/ezlogin directory if you are using standalone license. Also copy tls_cert.pem and tls_key.pem to /usr/local/etc/ezlogin directory, if you are using webssh, ezproxy or webrdp feature

Refer the following article to setup secondary node.

Install-slave-secondary-node-for-high-availability-in-jump-server

Upgrade Ezeelogin Jump server to the latest version

Upgrade Ezeelogin jump server on Primary / Master Node