Tweaks & Configuration

How to configure Ezeelogin to use SSL for MySQL database connections on ubuntu 16.04? Mysql - SSL setup on Ubuntu  Mysql server 5.7 version 1. Check the Current SSL/TLS Status    Log into  MySQL session  [email protected]:~# mysql -u root -p -h... Read More

Integration of OpenLdap / Activedirectory (with autocreate feature) [Frontend]  You can configure LDAP/AD with autocreate feature. You can use this if you are using LDAP authentication and do not plan to use backend configuration(pam_ldap) for... Read More

How to enable Google 2FA (Two-factor Authentication) in Ezeelogin? Note: Google Authenticator doesn’t require any internet connection. 1. Open Ezeelogin web panel > Account > Google Authenticator        2. Click on the &... Read More

LAN with Internet Connectivity Yes, you can install Ezeelogin Jump server software in a lan which has internet connectivity. Do ensure that the jump box is able to connect to the license server (license.ezeelogin.com) on port 443. The license server... Read More

WEB SSH Console is available within the GUI  from Ezeelogin 7.4.1 and above only. This feature lets you ssh use a browser and does not need an ssh terminal. White list your ip address from which you are accessing ,as certain firewall programs may... Read More

Install nginx  with the following command on Ezeelogin ssh jump server   Install & Configure Nginx on Debian 9 Install the package using the following command  [email protected]:~# apt update ; apt-get... Read More

Configure Certificate-Based SSH User Authentication Support for certificate authentication of users and hosts using the new OpenSSH certificate format was introduced in Red Hat Enterprise Linux 6.5, in the  openssh-5.3p1-94.el6  package.... Read More

How to enable/disable Yubikey 2FA (Two-factor Authentication) in Ezeelogin? Do check out the video to Configure Yubikey two-factor authentication in ssh jump host  1. Navigate to  Settings -> General -> Two FactorAuthentication ->... Read More

Yes, Ezeelogin would work behind a firewall , NAT or a proxy. It would need to establish a connection to license.ezeelogin.com on port 443 to fetch the license. wget -qO- http://ezeelogin.com/myip Run the command  on the ssh gateway server... Read More

MySQL strict mode is enabled by default. You can disable it in a couple of ways.   1. To Disable Strict Mode via SQL :       You can disable strict mode on your MySQL server by running the following command on your Linode’s command... Read More

The Ezeelogin configuration file is located at /usr/local/etc/ezlogin/ez.conf Ezeelogin has two logs files one for the web interface and one for the backend ssh interface called the ezsh shell (short for the Ezeelogin backend shell) FRONTEND OR WEB... Read More

You can automatically enable HTTPS on your website with EFF’s Certbot, deploying Let’s Encrypt certificates   1. Install snapd     Installing snap on Red Hat Enterprise Linux (RHEL) / Centos      Adding EPEL Repo RHEL  ... Read More

Integration of Open-LDAP (PAM-LDAP) in CentOS Make sure that the PHP-LDAP extension is installed on the server  [email protected]:~# yum install php-ldap openldap openldap-clients ;apachectl restart 1.  Login to Web-GUI > Settings ... Read More

 Integration of WINDOWS-AD (PAM-LDAP) in CentOS 7/6 Make sure that the PHP-LDAP extension is installed on the server  [email protected]:~# yum install php-ldap openldap openldap-clients; apachectl restart 1. Login to Web-GUI >... Read More

Complete step by step tutorial on how to configure ssh-agent and ssh-agent forwarding SSH Agent SSH agent allows you to store ssh keys, and certificates on memory in unencrypted format. ssh-agent acts as an ssh key manager which allows you to use... Read More

1. How do I configure the Ezeelogin jump server to authenticate using OpenLDAP or Window AD server? 2. How do I configure the SSH gateway to authenticate from LDAP or Windows AD server? With the AutoCreate feature, the backend ssh authentication... Read More

Integration of Open-LDAP (PAM-LDAP) in Ubuntu Make sure that PHP-LDAP extension is installed on the server  [email protected]:~# apt-get install php5.0-ldap/php7.0-ldap ; apachectl restart 1. Login to Web-GUI > open settings >... Read More

  How to Create a SSL Certificate on ezeelogin jump server Apache for CentOS 6 /Centos 7/Centos 8 ?   Install Mod SSL [email protected] :~# yum install mod_ssl openssl Create a New Directory   we need to create a new directory... Read More

We have multiple groups in LDAP for different users who have different authorization groups, so if we map these user groups via LDAP will these users get access to the authorized servers?        Yes, all you need to do is create a user group... Read More

SSH Gateway users can set add their ssh public keys for passwordless authentication to login into the ezsh shell ( ezeelogin backend shell).  Press the F2 key in the ezeelogin shell to enter your public keys for ssh authorized keys-based... Read More

You can force the Ezeelogin web gui to be accessed only via the https protocol. Before enabling and enforcing ssl, ensure that ssl certificates is enabled for the domain / hostname used to access the gui. Do refer the article to install and configure... Read More

How to configure Ezeelogin jump server to use SSL for MySQL database connections on centos? Mysql-SSL setup on Centos 7,Mysql server 5.5 version 1. Check the Current SSL/TLS Status    Log into a MySQL session  [email protected]:~# mysql -u root -p... Read More

Configure Ezeelogin to authenticate using Windows_AD(Pam-LDAP) in Ubuntu 16.x 18.x 20.x? Integration of WINDOWS-AD (PAM-LDAP) in Ubuntu Make sure that PHP-LDAP extension is installed on the server  [email protected]:~# apt-get install... Read More

How to add amazon ec2 instance in ezeelogin jump server or bastion host ?  1. Get the private Key from amazon ec2 instance           You can download the key while creating an amazon instance .You will not able to... Read More

What is the cronjob for resetting root password on servers periodically? 1. In Ezeelogin V6.x or 7.x.The file /var/spool/cron/<admin_user> on your Ezeelogin gateway should have the following contents. 1 1 * * 0 php /usr/local/ezlogin... Read More

1. What is web session timeout?      It is an event occurring during an interval when a user does not perform any action. 2. How to set/enable session timeout in Ezeelogin Web Interface?    Login to Ezeelogin gateway machine/Server > Modify... Read More

What is the port number used to fetch ezeelogin license? In the firewall on your Ezeelogin installed gateway servers, enable outbound port  443 traffic to license.ezeelogin.com and license2.ezeelogin.com to fetch the license. Read More

Is it possible to change the password/security code by the user itself ?      Yes. You can change your password /security code from Ezeelogin GUI.   Login to ezeelogin GUI > Account > Password > Enter new password/security code... Read More

Ezeelogin private/public key pair explained 1. How to use a private/public key pair to be used as the Global Public key which would be copied over to all remote servers? a) Login to Ezeelogin software GUI -> copy the Global key. Refer below... Read More

You can find a server by its hostname, ip address or description very  quickly in ezsh shell. To ensure that only the servers hostname matching the strings typed in are displayed,  choose the menu search mode (Normal , Name ,... Read More

How can we set expiry for SSH users? This feature lets you manage the duration for which an ssh gateway user will have access to the gateway after which it expires. The duration of the ssh access to the gateway can be set to expire in minutes, hours... Read More

How to change the web URL of the Ezeelogin installation? I'm trying to modify our server so we do not need to reference the /ezlogin at the end of our URL. I modified the apache configs accordingly, however it stops the Ezeelogin panel from... Read More

Sometime, the SSH daemon on your Jumphost box would be listening on a non standard port instead of 22. In such cases,set Gateway SSH Port under Settings->General->Miscellaneous->Gateway SSH Port. Read More

How to add a server using ssh key pair in Ezeelogin? 1. Create a ssh key pair on the server using the command   [email protected]:~# ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh... Read More

To skip the group menu listed in the backend shell as shown  and to be presented with the server list as show below as the first screen when you ssh into the ezsh shell.   Navigate to Account->Preferences , select Skip group menu and... Read More

What setting to be changed in ezeelogin jump server configuration file  if mysql is listening on a different port?   Edit the variable db_port in /usr/local/etc/ezlogin/ez.conf and set the port number.Also you may want to change the db_host... Read More

I am no longer able to login after i switched to ldap authentication. How do i switch back to normal authentication?The admin user that was created at the time of installation would still be able to login and switch to normal authentication.however,... Read More

How to Create a SSL Certificate on ezeelogin jump server for Nginx on debian 8 Create a Self Signed Certificate When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days... Read More

You can change the default outbound port number for target servers that are added in Settings->General->Defaults-> Defaults SSH Port. For example, if you are using port 32002 for your fleet of servers, then change Default SSH Port variable... Read More

Is it possible to add more than one SSH public key to ezeelogin ? How can i add more than one public key to ezeelogin user ?   Yes.You can add more than one public key to ezeelogin user.    Add the SSH Public keys to (Replace ... Read More

How to search for a server using the hostname or IP address in the GUI or ssh jump server interface? Under the Server tab, you can change the search option as show below. How to search for a server using the hostname, IP address, and server group in... Read More

Navigate to Settings->General->Miscellaneous->Gateway SSH Port and set the custom port number that sshd is listening on the ssh gateway server. In the example below, sshd is listening on the port 2014 hence the Gateway SSH port is set to... Read More

Note: SAML is an authentication mechanism for web applications. It's based on web protocols and it cannot be used for user authentication over SSH. 1. Login to okta and add Application              2. Select  SAML 2.0 and click... Read More

How can I forward env variables over ssh in Ezeelogin?   1.  Add environment variable to Ezeelogin GUI > settings > General > Security > Passthrough Environment Variables     2. Allow environment variable in /etc/ssh/sshd_config of... Read More

Note: SAML is an authentication mechanism for web applications. It's based on web protocols and it cannot be used for user authentication over SSH.   1. Login to OneLogin and Add Application.     2. Search for SAML TEST and select SAML... Read More

How to reset the cluster key in order to use RSA key ? Regenerate cluster key You need to reinstall secondary/slave (cluster) node after resetting the cluster key     1.Enter the following command to reset cluster... Read More

How to configure Ezeelogin Jump Server to use SSL for AWS RDS database connection? Refer this article to set up AWS RDS . You can download certificates for using SSL in AWS RDS from here . 1. Move certificates to a directory and specify... Read More

How to integrate OpenLdap with Centos 8 using SSSD?     Run the following commands to install the SSSD packages   [[email protected] ~]# yum install sssd sssd-client nscd -y   Add ldap_search_base,ldap_default_bind_dn... Read More

Follow the steps to interate Red Hat IDM (Ldap protocol) in ezeelogin Refer this document to install an IDM server   Run ldapsearch on IDM server to find the ’DN’ of the admin user or other user having admin privileges ... Read More

Integrate AWS SSO in Ezeelogin SSH  Gateway 1.  Login to AWS console >  select AWS Single Sign-On and click on Applications   2. Click on Add Application     3. Click on Add a custom SAML 2.0 application       4.Â... Read More

Configure Ezeelogin to authenticate using Windows_AD / OpenLDAP (Pam-Ldap) in Debian? Integration of WINDOWS-AD&Openldap (PAM-LDAP) in Debian Make sure that PHP-LDAP extension is installed on the server [email protected]:~# apt-get install... Read More

How to configure SMTP relay with Sendmail? Install Sendmail Ubuntu / Debian systems apt install sendmail   Centos/RHEL yum install sendmail 1. Create Authentication file.   Create a directory in /etc/mail directory    sudo mkdir ... Read More

How to integrate Windows AD with Ubuntu 18/20/22 using SSSD?   Ensure that the following ports on the Ubuntu host are open and accessible to the AD domain controllers.  DNS =53, LDAP =389, Kerberos 88 & 464, LDAP Global Catalog 3268 and NTP... Read More

Reset two-factor authentication of a user or Clear 2fa of a user Login to Ezeelogin as administrator on Ezeelogin GUI and click on the reset password icon  of the user   2. Select Clear Two-Factor Authentication Secret and save it. Now the user... Read More