Copy/Transfer files from my local desktop to Ezeelogin Gateway You can use 'WinSCP' or 'FileZilla' Application or 'sftp' or scp command to transfer files from your desktop or local machines to the remote ssh jump server. Once the file is on the... Read More
Technical
Is it possible to install Ezeelogin jump server on a linux host in Google or AWS cloud instance? Yes, it is possible to install Ezeelogin on a linux hosting Google, AWS, Azure, Bluemix or any other cloud. ... Read More
Tunnel Host feature lets you add in server in a LAN or behind router on a different network into the Ezeelogin SSH gateway. As shown in the diagram below, Server A & B can be added into the SSH Jumphost even though they are behind a NAT... Read More
Configure Certificate-Based SSH User Authentication Support for certificate authentication of users and hosts using the new OpenSSH certificate format was introduced in Red Hat Enterprise Linux 6.5, in the openssh-5.3p1-94.el6  package.... Read More
How to install OpenLDAP and phpldapadmin in CentOS 7? 1. Install openldap packages. [email protected]Â ~]#Â yum install openldap openldap-servers openldap-clients -y 2. Start and enable openldap service. [email protected]Â ~]#Â systemctl start slapd &... Read More
Stream SSH in real-time In order to stream the ssh session of users in real time, click on SSH Log Note that ssh live streaming is possible only for ongoing ssh sessions only and not for sessions that have ended. SSH Live streaming is possible... Read More
Parallel shell by default is disabled for all users except for the admin user created at the time of installation and has to be granted explicitly. To grant Parallel Shell access to a user, Go to Access Control->User -Action->Servers->Allow... Read More
We have multiple groups in LDAP for different users who have different authorization groups, so if we map these user groups via LDAP will these users get access to the authorized servers? Â Â Â Â Yes, all you need to do is create a user group... Read More
Webportals is not available for a user The web portal is not available for a user if the admin user has not given permission to access the portals for that user.   Go to the web panel and navigate to the tab Under Access-Control >>... Read More
Google 2FA, Yubikey and DUO can be configured and set for use simultaneously in the web panel. The ssh jumphost user can set the all the three 2FA and can use any of it to authenticate depending on the users choice. If the User has... Read More
Why is there a cost while downgrading? Why is that i am charged more than what i have purchased?The Ezeelogin license upgrade is done in the following way.1.When an upgrade is done, a new expiry period is set 30 days/1 month from the date of upgrade... Read More
Simply ssh into the ssh jump host as an ssh gateway user. Once you are logged into the ezsh shell, press F1 or + on the keyboard. Read More
We would advise you setup a failover slave node and have an offshore backup ready so that you can easily restore the backup and get rolling in less than 30 minutes. Read More
No, the license would be cached for 3 days on your machine and also the license servers is redundant. Read More
In the web gui, navigate to Help->About and it will help you find the Ezeelogin version being run  In the Ezeelogin backend interface ( ezsh ), press F3 or |  If you have access to the ssh jump box, then login into command line and then... Read More
Enabling key based authentication in SSH and enabling root login in SSH. vi /etc/ssh/sshd_config PubkeyAuthentication yes PermitRootLogin yes Restart the ssh deamon so that the new settings comes into effect. service sshd restart Read More
How to add custom fields on the server add form while adding a server? 1) Click on the settings -> server field -> add custom server field 2) You will able to view the custom field while adding the server by... Read More
When the user is deleted, the logs are still kept. Although it’s not directly searchable with the username from the Ezeelogin web panel because the user is not listed in the drop-down, you can search with other parameters such as... Read More
It is not possible to disable security code that is prompted when you ssh into your Jump server. Doing it would introduce a security hole as it would let users with root access to your Jump server box to simply execute a su - <... Read More
There are no information transferred to the ezeelogin license servers. Only the license data is fetched from the license servers. The size of the license data would be less than 10Kb. Read More
The server details are stored in mysql databases on your servers only. We do not store any information but the license information only. Read More
On the firewall on your Ezeelogin installed gateway servers, enable outbound port 443 traffic to license.ezeelogin.com and license2.ezeelogin.com Read More
Following are the encryption algorithms used in ezeelogin to ensure that the data stored in ezeelogin cannot be compromised. The User passwords and security codes stored in the ezeelogin database uses multiple rounds SHA512, SHA256,... Read More
How to view the encrypted Ezeelogin database password from Ezeelogin configuration file ( /usr/local/etc/ezlogin/ez.conf ) version 2 ? The DB password are encrypted in Ezeelogin configuration (From ezeelogin version version 7.17 for... Read More
We have made use of the latest cipher and encryption technologies available in the industry today to ensure data security The User passwords and security codes stored in the ezeelogin database uses multiple rounds SHA512, SHA256, BLOWFISH or DES... Read More
How to enable web portal with the " use proxy " feature in Ezeelogin? This feature enables the users to use the Ezeelogin gateway server itself as the proxy server while accessing the web portal. Note: Ensure that the node version is 12 and... Read More
Install OpenLDAP and LDAP Admin on Ubuntu Make sure to set your system hostname and add it to file /etc/hosts. Replace admod.ezeelogin.com with your hostname or valid domain name. [email protected]:~# hostnamectl set-hostname admod.ezeelogin.com Â... Read More
1.  Log in to ezeelogin  New customer portal 2. Click on License tab        3. Click on Recover Password option corresponding to your license.          4. Click GENERATE button.        5. Copy ... Read More
Integrate & Configure RADIUS Authentication in Ezeelogin. Navigate to Settings -> RADIUS and enter the RADIUS server hostname, RADIUS Client shared secret and the authentication port. 2. Under Settings -> General... Read More
WEBSOCKET SERVER DISCONNECTED: transport close This error occurs when the user is not present in the system , enabling auto-create feature will solve the issue. This feature auto-creates a system user , when an ldap-user login to the web. The... Read More
Change the default backup directory To change the default backup directory while running the ezeelogin bacup script backup_ezlogin.php, use the " -out " parameter with the backup script followed by the specified directory. [email protected]:~# ... Read More
Disable 2FA from Ezeelogin GUI? 1. You can disable 2FA under Settings >> General>> Two Factor Authentication. Untick the checkboxes for 2FA which are Enable Google Authenticator, Enable Duo, Enable Yubikey, Enable Access Keyword and... Read More
Integrating Ezeelogin SSH gateway with ELK stack for SIEM In the example below, we would be installing ElasticSearch and Kibana on the monitoring server [monitor.eznoc.com ( Centos 7 OS)] and the Logstash daemon on the Ezeelogin Jumphost server. ... Read More
To suspend all accounts through db please do the following steps. 1. Find database name and database prefix from /usr/local/etc/ezlogin/ez.conf in ezeelogin gateway server. 2. Login to mysql console 3. use db_name 4. Run this query. ... Read More
Install Ezeelogin on SELINUX enabled Environment We can install Ezeelogin on SELINUX enabled environment, We need to whitelist all required services manually on SELINUX.You can check the allowed and blocked AVC by entering "... Read More
Authentication of SSH users using Public keys fetched from Active Directory server  Extending the Active Directory schema to add ssh key attribute in windows server 2012 and 2016. 1. Launch a cmd prompt then spin up an Administrator cmd by... Read More
How a normal user acquire root privilege for a particular period of time. A normal user can attain root privilege for particular time if the administrator grants permission , the following are the steps Note: The server must be added into the... Read More
How do I change the Ezeelogin password management option to "automatic" for all remote servers? Refer Password management in Ezeelogin to get more ideas about different password management options in Ezeelogin. Take a backup of the Ezeelogin... Read More
Ezeelogin restore/backup crashes abruptly without any error Find the restore backup logs under the /var/log/ directory. If the restore or backup logs contain similar content as given below increase the PHP limit in the php.ini... Read More
Transfer Ezeelogin SSH session logs recorded to a remote server 1. Create a Linux system user on the remote server to which the ssh session log files has to be transferred. You can skip this step if a Linux system user already... Read More
" perl: warning: Setting locale failed " on accessing remote servers from Ezeelogin 1. For the above warning message in remote servers, clear the Environment variables provided in the Ezeelogin GUI by clicking Settings > General >... Read More
LICENSE ERROR: Could not resolve host: license.ezeelogin.com ( after migrating a standalone license) If you are getting the above error on the license tab of Ezeelogin GUI after migrating the standalone license, make sure that... Read More
ERROR DB gwactivity_logs: Incorrect string value during Ezeelogin upgrade For the above error, you need to set the status of the " gwactivity_logs " table to empty for row 1. Gateway Activity Logs stores the details of all the Ezeelogin users... Read More
How to decrypt the encrypted SSH logs in Ezeelogin to a CSV file? Run the following command to decrypt the logs. Replace the log file name with your log file path. [email protected]:#Â /usr/local/ezlogin/eztool.php -show_log /var/log/ezlogin/full... Read More
Do LDAP users require a new password and security code? Passwords need not be created but security code should ideally be created for the LDAP users or you can use the LDAP password for security code as well. However, it is recommended to keep the... Read More