Technical

 Copy/Transfer files from my local desktop to Ezeelogin Gateway You can use 'WinSCP' or 'FileZilla' Application or 'sftp' or scp command to transfer files from your desktop or local machines to the remote ssh jump server. Once the file is on the... Read More

Is it  possible to install Ezeelogin jump server on a linux host in Google or AWS cloud instance?         Yes, it is possible to install Ezeelogin on a linux hosting Google, AWS, Azure, Bluemix or any other cloud.  ... Read More

Tunnel Host feature lets you add in server in a LAN or behind router on a different network into the Ezeelogin SSH gateway.  As shown in the diagram below, Server A & B can be added into the SSH Jumphost even though they are behind a NAT... Read More

Configure Certificate-Based SSH User Authentication Support for certificate authentication of users and hosts using the new OpenSSH certificate format was introduced in Red Hat Enterprise Linux 6.5, in the  openssh-5.3p1-94.el6  package.... Read More

How to install OpenLDAP and phpldapadmin in CentOS 7? 1. Install openldap packages. [email protected] ~]# yum install openldap openldap-servers openldap-clients -y 2. Start and enable openldap service. [email protected] ~]# systemctl start slapd &... Read More

Stream SSH in real-time In order to stream the ssh session of users in real time, click on SSH Log Note that ssh live streaming is possible only for ongoing ssh sessions only and not for sessions that have ended. SSH Live streaming is possible... Read More

Parallel shell by default is disabled for all users except for the admin user created at the time of installation and has to be granted explicitly. To grant Parallel Shell access to a user, Go to Access Control->User -Action->Servers->Allow... Read More

We have multiple groups in LDAP for different users who have different authorization groups, so if we map these user groups via LDAP will these users get access to the authorized servers?        Yes, all you need to do is create a user group... Read More

Webportals is not available for a user The web portal is not available for a user if the admin user has not given permission to access the portals for that user.      Go to the web panel and navigate to the tab Under Access-Control >>... Read More

Google 2FA, Yubikey and DUO can be configured and set for use simultaneously in the web panel.  The ssh jumphost user can set the all the three 2FA and can use any of it to authenticate depending on the users choice. If the User has... Read More

Why is there a cost while downgrading? Why is that i am charged more than what i have purchased?The Ezeelogin license upgrade is done in the following way.1.When an upgrade is done, a new expiry period is set 30 days/1 month from the date of upgrade... Read More

Simply ssh into the ssh jump host as an ssh gateway user. Once you are logged into the ezsh shell, press  F1 or  +  on the keyboard. Read More

We would advise you setup a failover slave node and have an offshore backup ready so that you can easily restore the backup and get rolling in less than 30 minutes. Read More

No, the license would be cached for 3 days on your machine and also the license servers is redundant. Read More

In the web gui, navigate to Help->About and it will help you find the Ezeelogin version being run   In the Ezeelogin backend interface ( ezsh ), press F3  or |   If you have access to the ssh jump box,  then login into command line and then... Read More

Enabling key based authentication in SSH and enabling root login in SSH. vi /etc/ssh/sshd_config PubkeyAuthentication yes PermitRootLogin yes Restart the ssh deamon so that the new settings comes into effect.  service sshd restart Read More

How to add custom fields on the server add form while adding a server?   1) Click on the settings -> server field -> add custom server field       2) You will able to view the custom field while adding the server by... Read More

When the user is deleted, the logs are still kept.  Although it’s not directly searchable with the username from the Ezeelogin web panel because the user is not listed in the drop-down,  you can search with other parameters such as... Read More

It is not possible to disable security code  that is prompted when you ssh into your Jump server.  Doing it would introduce a security hole as it would let users with root access to your Jump server box to simply execute a su - <... Read More

There are no information transferred to the ezeelogin license servers. Only the license data is fetched from the license servers. The size of the license data would be less than 10Kb. Read More

The server details are stored in mysql databases on your servers only. We do not store any information but the license information only. Read More

On the firewall on your Ezeelogin installed gateway servers, enable outbound port  443 traffic to license.ezeelogin.com and license2.ezeelogin.com Read More

Following are the encryption algorithms used in ezeelogin to ensure that the data stored in ezeelogin cannot be compromised.    The User passwords and security codes stored in the ezeelogin database uses multiple rounds SHA512, SHA256,... Read More

How to view the encrypted Ezeelogin database password  from Ezeelogin configuration file  ( /usr/local/etc/ezlogin/ez.conf ) version 2 ? The DB password are encrypted in Ezeelogin configuration (From ezeelogin version version 7.17 for... Read More

We have made use of the latest cipher and encryption technologies available in the industry today to ensure data security The User passwords and security codes stored in the ezeelogin database uses multiple rounds SHA512, SHA256, BLOWFISH or DES... Read More

How to enable web portal with the " use proxy " feature in Ezeelogin? This feature enables the users to use the Ezeelogin gateway server itself as the proxy server while accessing the web portal.  Note: Ensure that the node version is 12 and... Read More

Install OpenLDAP and LDAP Admin on Ubuntu Make sure to set your system hostname and add it to file  /etc/hosts.  Replace admod.ezeelogin.com with your hostname or valid domain name. [email protected]:~# hostnamectl set-hostname admod.ezeelogin.com Â... Read More

1.  Log in to ezeelogin  New customer portal 2.  Click on  License tab               3. Click on Recover Password option corresponding to your license.                 4.  Click GENERATE button.              5. Copy ... Read More

 Integrate & Configure  RADIUS Authentication in Ezeelogin. Navigate to Settings -> RADIUS and enter the RADIUS server hostname,  RADIUS Client shared secret and the authentication port.   2. Under Settings -> General... Read More

WEBSOCKET SERVER DISCONNECTED: transport close This error occurs when the user is not present in the system , enabling auto-create feature will solve the issue. This feature auto-creates a system user , when an ldap-user login to the web. The... Read More

Change the default backup directory To change the default backup directory while running the ezeelogin bacup script backup_ezlogin.php, use the " -out " parameter with the backup script followed by the specified directory. [email protected]:~# ... Read More

Disable 2FA from Ezeelogin GUI? 1. You can disable 2FA under Settings >> General>> Two Factor Authentication. Untick the checkboxes for 2FA which are  Enable Google Authenticator, Enable Duo, Enable Yubikey, Enable Access Keyword and... Read More

Integrating Ezeelogin SSH gateway with ELK stack for SIEM In the example below, we would be installing ElasticSearch and Kibana on the monitoring server [monitor.eznoc.com ( Centos 7 OS)] and the Logstash daemon on the Ezeelogin Jumphost server. ... Read More

To suspend all accounts  through db please do the following steps. 1. Find database name and database prefix from /usr/local/etc/ezlogin/ez.conf in ezeelogin gateway server. 2. Login to mysql console 3. use db_name  4. Run this query. ... Read More

Install Ezeelogin on SELINUX enabled Environment    We can install Ezeelogin on SELINUX enabled environment, We need to whitelist all required services manually on SELINUX.You can check the allowed and blocked AVC by entering "... Read More

Authentication of SSH users using Public keys fetched from Active Directory server    Extending the Active Directory schema to add ssh key attribute in windows server 2012  and 2016. 1. Launch a cmd prompt then spin up an Administrator cmd by... Read More

How a normal user acquire root privilege for a particular period of time. A normal user can attain root privilege for particular time if the administrator grants permission , the following are the steps Note: The server must be added into the... Read More

How do I change the Ezeelogin password management option to "automatic" for all remote servers? Refer Password management in Ezeelogin to get more ideas about different password management options in Ezeelogin.  Take a backup of the Ezeelogin... Read More

Ezeelogin restore/backup crashes abruptly without any error   Find the restore backup logs under the /var/log/ directory.  If the restore or backup logs contain similar content as given below increase the PHP limit in the php.ini... Read More

Transfer Ezeelogin SSH session logs recorded to a remote server 1. Create a Linux system user on the remote server to which  the ssh session log files has to be transferred.   You can skip this step if a Linux system user already... Read More

" perl: warning: Setting locale failed " on accessing remote servers from Ezeelogin  1. For the above warning message in remote servers, clear the Environment variables provided in the Ezeelogin GUI by clicking Settings > General >... Read More

 LICENSE ERROR: Could not resolve host: license.ezeelogin.com ( after migrating a standalone license)    If you are getting the above error on the license tab of Ezeelogin GUI after migrating the standalone license, make sure that... Read More

ERROR DB gwactivity_logs: Incorrect string value during Ezeelogin upgrade  For the above error, you need to set the status of the " gwactivity_logs " table to empty for row 1. Gateway Activity Logs stores the details of all the Ezeelogin users... Read More

How to decrypt the encrypted SSH logs in Ezeelogin to a CSV file? Run the following command to decrypt the logs. Replace the log file name with your log file path. [email protected]:# /usr/local/ezlogin/eztool.php -show_log /var/log/ezlogin/full... Read More

Do LDAP users require a new password and security code? Passwords need not be created but security code should ideally be created for the LDAP users or you can use the LDAP password for security code as well. However, it is recommended to keep the... Read More