Skip to Content

Installation guide for ARM architecture

How to install Ezeelogin on ARM (Advanced RISC Machine) architecture?


Ezeelogin can now be installed on ARM architecture. This feature is available from Ezeelogin version 7.37.4. An ARM processor is a type of microprocessor that follows the architecture developed by ARM Holdings. ARM stands for Advanced RISC Machine, where RISC stands for Reduced Instruction Set Computing. ARM processors are widely used in a variety of electronic devices due to their power efficiency, performance, and versatility.



Ezeelogin can now be installed on ARM architecture, supported from Ezeelogin version 7.37.4.


   Steps to install Ezeelogin on ARM processor ( Ubuntu 22, Amazon Linux, Debian )


Step 1: Steps for Hardening SSH

Make sure that root SSH login on the jump server is activated and SSH key-based authentication is implemented in SSHD. The following configuration example permits root access solely from the IP address 127.0.0.1 and mandates key-based authorization exclusively, ensuring heightened security. Append the subsequent parameters to the bottom of the "/etc/ssh/sshd_config" file:

Edit the file using the nano or vim command

root@gateway ~]# vim /etc/ssh/sshd_config

Add the following parameters to the end of "/etc/ssh/sshd_config"  file.

#SSHD Global Settings

AllowTcpForwarding  no

PubkeyAuthentication yes

#SSHD localhost settings.

Match Address 127.0.0.1

PermitRootLogin yes

PubkeyAuthentication yes

PasswordAuthentication yes

If you are planning to install the cluster (master-slave), add the below lines in /etc/ssh/sshd_config.

Append the below lines in the master node.

Match Address slave_node_ip

PermitRootLogin yes

Check SSHD configuration and restart the sshd service.

root@gateway ~]# sshd -T | grep -i ’AllowTcpForwarding\|PermitRootLogin\|PubkeyAuthentication\|PasswordAuthentication\|pubkeyacceptedalgorithms\|Port’

root@gateway ~]# systemctl restart sshd


Step 2: Install the necessary dependencies for Ubuntu, Debian, Amazon Linux

   a. Install the Ezeelogin dependency package on Ubuntu

  root@gateway ~]# apt update ; apt-get install php mariadb-server apache2 libapache2-mod-php8.1 php-mysql php-curl php-xml php-ldap nodejs npm git -y

  root@gateway ~]# systemctl start mysql apache2

    Set the MySQL root password with the following command

 root@gateway ~]# mysql_secure_installation

   b. Install the Ezeelogin dependency package on Amazon Linux

 root@gateway ~]# dnf -y install httpd openssl php mariadb105-server php-mysqlnd php-process php-common php-cli php-json bzip2 mod_ssl php-ldap nodejs npm git -y

 root@gateway ~]# systemctl start httpd mariadb

    Set the MySQL root password with the following command

 root@gateway ~]# mysql_secure_installation

   c. Install the Ezeelogin dependency package on Debian

  root@gateway ~]# apt update ; apt upgrade -y ; apt install curl -y ; curl -sSL https://packages.sury.org/php/README.txt | sudo bash -x;apt install php8.1 libapache2-mod-php8.1 mariadb-client mariadb-server apache2 php8.1-mcrypt php8.1-mysql php8.1-curl php8.1-xml php8.1-ldap nodejs npm git –y

 root@gateway ~]# systemctl start mysql apache2

     Set the MySQL root password with the following command

root@gateway ~]# mysql_secure_installation


Step 3: Installing Ioncube loader for PHP

   Ezeelogin SSH jump server software employs Ioncube loader encryption. Before installing the jump server, it is imperative to download and install the Ioncube loader to decrypt it. 

   Download the Ioncube package for 64 bit and untar it /usr/local/ioncube

 root@gateway:~# wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_aarch64.tar.gz

 root@gateway:~# tar -zxf ioncube_loaders_lin_aarch64.tar.gz&& mv ioncube /usr/local

   Edit the PHP configuration file and load the corresponding Ioncube loader according to the PHP version.

Ubuntu/Debian:

root@gateway :~# vi /etc/php/8.1/cli/php.ini

zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so

root@gateway:~# vi /etc/php/8.1/apache2/php.ini

root@gateway:~# apachectl restart

Amazon Linux:

root@gateway:~# vim /etc/php.ini

zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so


Step 4: Download and install Ezeelogin jumpserver

Ezeelogin installation in ARM architecture will support only from Ezeelogin version 7.37.4How to upgrade the Ezeelogin version to the latest?

     Download the latest version from the customer portal area dashboard.

Download link : 
For PHP version 8.1 and above (new): https://downloads.ezeelogin.com/ezlogin_7.32.2_php81.bin

        Download the Ezeelogin jump server package corresponding to the PHP version installed on your server. Make sure to download the binary package to /root

       Execute the following command with the latest version available as the root user on your server.

     root@gateway:~# wget https://downloads.ezeelogin.com/ezlogin_7.xx.xx_phpxx.bin

       Run installation script and it will be prompted to enter the missing settings. The default value will be given in bold. Simply pressing the enter key will choose the default value.

     root@gateway:~# sh ezlogin_7.xx.xx_phpxx.bin

    Enter the path where web panel files should be installed.

    This path should be accessible via a web browser.

    The directory should not exist, but its parent directory should exist.

    path to install web panel files ( /var/www/html/ezlogin ):

You need to specify the Document root here ,if it is different from default else you press enter to choose default.

    Enter the path where web panel system files should be installed.

    This should be preferably outside the DocumentRoot (should not be accessible via web browser) for security reasons.

    If safe_mode restriction is enabled, this path should be allowed for include with safe_mode_include_dir

    The directory should not exist, but its parent directory should exist.

    path to install web panel system files ( /var/www/ezlogin ):

If you need to access the Ezeelogin jump server webpanel as  www.yourdomain.com   choose   "   /  "  & change your document root to  {your existing document root}/ezlogin. For example ,If your document root is /var/ww/html change to /var/ww/html/ ezlogin , else press enter to choose default

  For example, if the DocumentRoot of http://www.yourdomain.com/ is /usr/local/apache/htdocs/yourdomain and you specified /usr/local/apache/htdocs/yourdomain/ezlogin as path to install web panel, the web panel would be accessible as http://www.yourdomain.com/ezlogin/. In this case the REQUEST-URI would be ’/ezlogin/’.

  If you specified DocumentRoot itself as the path to install web panel files, it would be ’/’

  URI path to access the web panel ( /ezlogin/ ):

Using remote database server for the Ezeelogin database

Enter the hostname/ip address of the remote database server or use localhost, if you are going to run the database server on the current server. 

  If the MySQL server is running on this system itself, use ’localhost’

  MySQL server ( localhost ):

  port or path to unix socket used by the MySQL server.

  MySQL port/socket ( 3306 ):

Grant connectivity to Ezeelogin server  hostname/ip on the remote database server. This is not required if your MySQL server is running on localhost.

mysql> GRANT ALL PRIVILEGES ON *.* TO ’root’@’%’ IDENTIFIED BY ’PASSWORD’ WITH GRANT OPTION;

mysql> flush privileges;

  Enter the username with super user (root) privileges for the database server.

  This is usually ’root’, sometimes ’admin’ etc.

  MySQL super user ( root ):

  Please enter the password for the database super user.

  MySQL super user password:

Do NOT enable this if you are not sure. You can always manually enable it after installation as well. This is useful only if you will be setting up master/slave node for redundancy.

  Enable this option to use MySQL SSL connectivity when using a cluster so that mysql communication between the primary and secondary gateways would be encrypted

  Do you want to use secure MySQL connection (yes/no) ? ( no ):

       Refer the below articles to configure MySQL SSL configuration

If you are using  SSL for AWS RDS, you can specify  "mysql_ssl_ca   /var/lib/mysql/rds-combined-ca-bundle.pem" in /usr/local/etc/ezlogin/ez.conf

  Enter the ezlogin Administrator username (less than 21 chars).

  This user should not exist on this system. It will be created.

  admin user ( ezadm118 ): 

  Enter the password for ezlogin Administrator.

  admin password ( }AkJy.%R3TQaX(P ):

  Enter the security code for ezlogin Administrator.

  security code ( FIyW6x7Lbz ):

  Whether web panel should force HTTPS (secure) protocol or not. [yes/no]

  Force HTTPS for web panel? ( no ):

  Review settings:

  Install web panel files in                                  : /var/www/html/ezlogin/

  Install web panel system files in                           : /var/www/ezlogin/

  URI path to access web panel                                : /ezlogin/

  MySQL server                                                : localhost

  MySQL port/socket                                           : 3306

  MySQL database                                              : ezlogin_jzgzs

  MySQL user                                                  : ezlogin_xnyqwd

  MySQL password                                              : !T3}3w$czV$6VrWxG)kn{5&3t5

  Force HTTPS for web panel?                                  : no

  Secure MySQL connection?                                    : no

  Admin user                                                  : admin

  Admin password                                              : }AkJy.%R3TQaX(P

  Admin security code                                         : FIyW6x7Lbz

  Note these down for future reference. Certain values such as passwords cannot be retrieved after setup.

  Accept the above settings? (y/n/x) :

  Creating and setting up database... done

  Adding ezsh to shells... done

  Creating group and users... done

  Creating directories... done

  Copying files... done

  Setting access... done

  Setting file modes... done

  Setting file owners... done

  Setting file groups... done

  Setting up config... done

  Setting up cron... done

  Downloading GeoLiteCity database from www.maxmind.com... done

  ########################################################

  Ezeelogin installed. (Log: /var/log/ezlogin_install.log )

  ########################################################

  ###################################################################

  Web panel installed at:

  ’ /var/www/html/ezlogin/ 

  ( http://yourdomain.com/ezlogin/ ).

  ###################################################################

  Note: Please check the log file to see if any error occurred.

  TODO NOTES:

  Enable web server, MySQL server and cron to startup at boot time.

   For free assistance, please contact [email protected]

   Thank you for choosing Ezeelogin.

   www.ezeelogin.com


Step 5: Access GUI and shell

Step 6: Access the web GUI as follows:

   Step 7:  Access the SSH backend using SSH clients such as Putty on Windows, Terminal on Mac, or console in Linux.  
 

  ssh ezadmin@gateway_hostname or ip

  example:

  ssh [email protected]

Note that password based authentication  has to be enabled or you need to add the public key of the user ssh’ing in /home/{username}/.ssh/authorized_keys manually or refer  article to add public key for the first time after which you can disable password based authentication in /etc/ssh/sshd_config file. Set the variable " PasswordAuthentication yes" sshd_config file to enable it and "PasswordAuthentication no" to disable in /etc/ssh/sshd_config
jump server shell
 
 
Related Articles: