jumpserver bastion machine installation and use

1. Install

Official website: https://www.jumpserver.org/

1.1. Online installation

Reference link: https://www.cnblogs.com/pangya/p/15735974.html

https://docs.jumpserver.org/en/master/install/setup_by_fast/

Firewall needs to be turned on

# Turn on the firewall
systemctl start firewalld
# Add 443 port access
firewall-cmd --zone=public --add-port=443/tcp --permanent
# Reload for configuration to take effect
firewall-cmd --reload
# Check the enabled status, return yes to indicate that it is enabled.
firewall-cmd --zone=public --query-port=443/tcp

# will be installed to the /opt/jumpserver-installer-v2.25.5 directory by default
curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.25.5/quick_start.sh | bash
cd /opt/jumpserver-installer-v2.25.5

Just wait for the installation to complete

1.2. https configuration

It may be necessary to configure jumpserver to https when used in the project because of the requirements of the security level. The following explains how to configure it.

# Configuration file after installation /opt/jumpserver/config/config.txt

2. Run

cd /opt/jumpserver-installer-v2.25.5
# restart
./jmsctl.sh restart
# start up
./jmsctl.sh start
# stop
./jmsctl.sh down
# uninstall
./jmsctl.sh uninstall
# help
./jmsctl.sh -h

3. Use

  1. open link

  1. Browser input: 192.168.4.186

Administrator account password

admin

Zenglg2012

a. http

http://ip:port

Port default 80

b.https

https://ip

Port default 443

  1. add assets

a. Asset Management – Asset List, click Create

b. Fill in information: host name, ip, system platform, protocol group select rdp, port 3389, node select defult, click submit (create windows host)

c. Fill in the information: host name, ip, system platform, protocol group select ssh, port 22, node select defult, click submit (create linux host)

5. Create user

User management – user list, create

6. Create a system user

Asset Management – System User – Click Create

(windows) fill in the name, protocol RDP, enter the user name, password, click submit

(linux) Fill in the name, protocol ssh, enter the user name, password, and click submit

7. Create authorization rules

Rights Management – Asset Authorization, click Create. Add users, user groups, assets, nodes, system users.

4. Windows assets upload and download

4.1. Windows asset upload file

1. First log in to Windows Assets, and click the little gear next to it.

2. Upload the file.

3. Second, download to the local windows assets. (The uploaded file is in the mapping disk and has not been uploaded to the local windows asset)

4. Uploaded successfully!

4.2. Windows asset download file

1. Select files to copy

2. Go to the Download folder on the Guacamole disk.

3. Paste the file downloaded to the local PC in the Download folder.

4. A download box will pop up.

5. The download is successful!

4.3. Copy and paste of Windows assets

1. Local PC copy text to assets

2. Randomly type a character.

3. The clipboard will read the copied content

4. Copy the character content to Windows Assets.

5. Copy asset content to local pc

6. Copy the characters that need to be pasted to the local PC. Check the clipboard, and the copied content will be automatically read.

7. Paste it locally.