Skip to Content

Configure four eyes authorization

How to configure Four eyes authorization in Ezeelogin?


Overview: This article helps Ezeelogin admin users in configuring four-eye authorization so that the gateway user would have to be authorized by another user with four eyes authorization privilege in access control to view the SSH logs of any user.


Note: 

Four-eye authorization in Ezeelogin is used to view the SSH recordings of any user with only two-factor authentication.

Step 1: Login to Ezeelogin GUI -> Settings -> General -> Security -> Four eyes authorization

Step 2: Make sure Four Eyes Authorization Privilege is enabled for the user who would be granting access to view ssh logs. Go to Access Control-> User-Action and grant the user Four Eye Authorization Privilege.

Step 3: Ensure that one of the two-factor authentication methods Google 2FA, Yubikey, or DUO Security is configured for the four eyes authorizing user. Refer below example to setup Google 2FA.

Step 4: After configuring four eyes authorization, for viewing ssh logs, navigate to Users -> SSH Logs -> select user and server -> View SSH Log

Step 5: To view the SSH logs, the name and two-factor code of the user with four-eye authorization privileges must be entered.

Step 6: The user will now be able to view the SSH log with four eyes authorization.


Related Articles:

Record ssh sessions

Viewing SSH Logs History for an SSH Gateway User in the Ezeelogin Web GUI

Is it possible to view all ssh logs of a deleted user?

View SSH logs of all users