Recording ssh sessions - How to enable it on the bastion host (also called a “ jump server ” )  This feature lets you record ssh sessions of ssh users ( system admins, system engineer , developers ), accessing remote  Linux servers /  vms /... Read More

How to enable  google 2FA (Two factor Authentication) in ezeelogin ?  Open ezeelogin webpanel > Account > Google Authenticator            Click on 'set' button and scan the QR code with the Google Authenticator App   ... Read More

In order to stream the ssh session of users in real time, click on SSH Log Note that ssh live streaming is possible only for ongoing ssh session only and not for session that have ended.   SSH Live streaming is possible only for ongoing ssh... Read More

Enable ssh session timeout so that idle ssh session are automatically disconnected from the ssh gateway. Set the variable Shell Activity Timeout so that ssh session which are idle are automatically timed out after the set number of seconds. A value... Read More

Restrict commands in ezsh jump server shell    1.Enable virtual shell for the user 2. Enable command guard and choose command group and by default 'disable' all commands that are allowed to be executed and enable only commands that you... Read More

Google 2FA, Yubikey and DUO can be configured and set for use simultaneously in the web panel.  The ssh jumphost user can set the all the three 2FA and can use any of it to authenticate depending on the users choice. If the User has forgotten to... Read More

To generate the new 4192 bit key pair in the Ezeelogin jumphost installation, run the following command on the gateway server first. /usr/local/ezlogin/eztool.php -regenerate_ssh_key       2. Run the highlighted command using parallel... Read More

Do checkout duo ssh jumphost configuration video as well. Create your account in duo.com and login. Navigate to Applications -> Protect an Application  Search for Web SDK and click on Protect this Application     Copy Integration Key, Secret... Read More

How to disable web terminal  application in Cpanel ?    You can disable web terminal access in Cpanel by creating /var/cpanel/disable_whm_terminal_ui  file for WHM users. root@gateway:~# touch /var/cpanel/disable_whm_terminal_ui Read More

Enable four eyes authorization in Settings -> General -> Security Make sure Four Eyes Authorization Privilege is enabled for the user who would be granting access to view ssh logs. Go to Access Control->User-Action and grant the user Four... Read More

Following are the encryption algorithms used in ezeelogin to ensure that the data stored in ezeelogin cannot be compromised.  The User passwords and security codes stored in the ezeelogin database uses multiple rounds SHA512, SHA256, BLOWFISH or DES... Read More

To ensure that passwords are not recorded when ssh session recording feature is enabled on the ssh gateway server, simply set the ssh session recording to Output only which means only STDOUT is recorded. This would record only what is displayed on... Read More

  Following are the encryptions used in Ezeelogin SHA1 hashing used for encrypting user password and security codes The UNIX System User passwords uses CRYPT. SSH private keys use 4096 bits RSA ENCRYPTION. RSA keys used for securing root password... Read More

Enable the following settings to Enforce 2FAon user ssh login as well as for the web interface. This will prompt the ssh gateway user to set two factor authentication before going ahead and is a recommended security setting.   Enable the different... Read More

To meet various security compliance like PCI DSS 3.2, SOX , HIPPA , NIST , MAS , FFIEC , SOC2, NERC CIP, ISO 27001 users should not be allowed to set a password that has been previously used. To ensure that users are using a different password from... Read More

This feature lets you manage the duration for which an ssh gateway user will have access to the gateway after which it expires. The duration of the ssh access to the gateway can be set to expire in minutes,hours, day or on a date as show below. This... Read More

Record RDP sessions   Enable RDP Recording from Ezeelogin Gui > Settings > General  Settings > Security > RDP Recording     Click on the RDP Recording button on the left menu and you will be provided with an interface to view  and... Read More

The Google ReCaptcha for the GUI can be enabled under Settings ->General->Authentication. You can choose the the visible or the invisible reCaptcha   Now the login page  would have the reCaptcha prompt if you have chosen the visible... Read More

Configure Certificate Based SSH User Authentication   Support for certificate authentication of users and hosts using the new OpenSSH certificate format was introduced in Red Hat Enterprise Linux 6.5, in the  openssh-5.3p1-94.el6  package... Read More