Skip to Content

Installation guide for ARM architecture

How to install Ezeelogin on ARM (Advanced RISC Machine) architecture?


Overview: Ezeelogin can now be installed on ARM architecture. This article outlines the steps to install Ezeelogin on ARM architecture. 


 

Ezeelogin can now be installed on ARM architecture, supported from Ezeelogin version 7.37.4.

System Requirements

Hardware Requirements

  • Minimum 2048 MB Ram.
  • Minimum 2 GHz processing power.
  • Virtual Server or Dedicated Server.
  • Minimum 75GB Disk space.

Software Requirements

  • OS Architecture (Ubuntu - 24, 22; Debian - 12, 11, Amazon Linux) , [x86_64 , AArch64]
  • Web server (apache, lighttpd, nginx etc.)
  • MySQL server (from version 5.5 to 8.0)/MariaDB ( from version 5.1 to 10.4) (For AWS RDS MySQL 5.6,5.7 & MariaDB 10.2)
  • PHP (from version 5.6.x and above,  upto <= php 8.2)
  • Ioncube loader version 10 and above for PHP
  • MySQLi extension for PHP
  • JSON extension for PHP
  • Curl extension for PHP
  • Posix extension for PHP
  • LDAP extension for PHP (for LDAP web panel authentication)
  • Nodejs version >=14.x.x
  • OpenSSL
  • Encryption & Hashing Algorithms.

   Steps to install Ezeelogin on ARM processor ( Ubuntu 22, 24, Amazon Linux, Debian 12, 11 )

An ARM processor is a type of microprocessor that follows the architecture developed by ARM holdings. ARM stands for Advanced RISC Machine, where RISC stands for Reduced Instruction Set Computing. ARM processors are widely used in a variety of electronic devices due to their power efficiency, performance, and versatility.


Step 1: Steps for Hardening SSH

Ensure that root SSH login is allowed on the jump server and that SSH key-based authentication is enabled. The example below allows root access only from the IP address 127.0.0.1 and requires key-based login for added security. Add the following lines at the end of the /etc/ssh/sshd_config file:

Step 1(A): Edit the file using the nano or vim command

root@gateway:~# vim /etc/ssh/sshd_config

Add the following parameters to the end of "/etc/ssh/sshd_config"  file.

#SSHD Global Settings

AllowTcpForwarding  no

PubkeyAuthentication yes

#SSHD localhost settings.

Match Address 127.0.0.1

PermitRootLogin yes

PubkeyAuthentication yes

PasswordAuthentication yes

Step 1(B): If you are planning to install the cluster (master-slave), add the below lines in /etc/ssh/sshd_config.

Append the below lines in the master node.

Match Address slave_node_ip

PermitRootLogin yes

Step 1(C): Check SSHD configuration and restart the sshd service.

root@gateway:~# sshd -T | grep -i ’AllowTcpForwarding\|PermitRootLogin\|PubkeyAuthentication\|PasswordAuthentication\|pubkeyacceptedalgorithms\|Port’

root@gateway ~]# systemctl restart sshd


Step 2: Install the necessary dependencies for Ubuntu, Debian, Amazon Linux

Step 2(A): Install the Ezeelogin dependency package on Ubuntu

root@gateway:~# apt update ; apt-get install php mariadb-server apache2 libapache2-mod-php8.1 php-mysql php-curl php-xml php-ldap nodejs npm git -y

root@gateway ~]# systemctl start mysql apache2

Step 2(Ai): Set the MySQL root password with the following command

 root@gateway ~]# mysql_secure_installation

Step 2(B): Install the Ezeelogin dependency package on Amazon Linux

root@gateway:~# dnf -y install httpd openssl php mariadb105-server php-mysqlnd php-process php-common php-cli php-json bzip2 mod_ssl php-ldap nodejs npm git -y

root@gateway:~# systemctl start httpd mariadb

 Step 2(Bi):Set the MySQL root password with the following command

root@gateway:~# mysql_secure_installation

Step 2(C): Install the Ezeelogin dependency package on Debian

root@gateway:~# apt update ; apt upgrade -y ; apt install curl -y ; curl -sSL https://packages.sury.org/php/README.txt | sudo bash -x;apt install php8.1 libapache2-mod-php8.1 mariadb-client mariadb-server apache2 php8.1-mcrypt php8.1-mysql php8.1-curl php8.1-xml php8.1-ldap nodejs npm git –y

root@gateway:~# systemctl start mysql apache2

Step 2(Ci): Set the MySQL root password with the following command

root@gateway:~# mysql_secure_installation


Step 3: Installing Ioncube loader for PHP

Ezeelogin SSH jump server software employs Ioncube loader encryption. Before installing the jump server, it is imperative to download and install the Ioncube loader to decrypt it. 

Step 3(A): Download the Ioncube package for 64 bit and untar it /usr/local/ioncube

root@gateway:~# wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_aarch64.tar.gz

root@gateway:~# tar -zxf ioncube_loaders_lin_aarch64.tar.gz&& mv ioncube /usr/local

 Step 3(B): Edit the PHP configuration file and load the corresponding Ioncube loader according to the PHP version.

Ubuntu/Debian:

root@gateway:~# vi /etc/php/8.1/cli/php.ini

zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so

root@gateway:~# vi /etc/php/8.1/apache2/php.ini

root@gateway:~# apachectl restart

Amazon Linux:

root@gateway:~# vim /etc/php.ini

zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so


Step 4: Download and install Ezeelogin jumpserver

Ezeelogin installation in ARM architecture will support only from Ezeelogin version 7.37.4

 Step 4(A): Download the latest version from the customer portal area dashboardDownload the Ezeelogin jump server package corresponding to the PHP version installed on your server. 

Download link : 
For PHP version 8.1 and above (new): https://downloads.ezeelogin.com/ezlogin_7.32.2_php81.bin

 Step 4(B): Execute the following command with the latest version available as the root user on your server. Make sure to download the binary package to /root

root@gateway:~# wget https://downloads.ezeelogin.com/ezlogin_7.xx.xx_phpxx.bin

  Step 4(C): Run the installation script and it will be prompted to enter the missing settings. The default value will be given in bold. Simply pressing the enter key will choose the default value.

root@gateway:~# sh ezlogin_7.xx.xx_phpxx.bin

Enter the path where web panel files should be installed.

This path should be accessible via a web browser.

The directory should not exist, but its parent directory should exist.

path to install web panel files ( /var/www/html/ezlogin ):

You need to specify the Document root here ,if it is different from default else you press enter to choose default.

Enter the path where web panel system files should be installed.

This should be preferably outside the DocumentRoot (should not be accessible via web browser) for security reasons.

If safe_mode restriction is enabled, this path should be allowed for include with safe_mode_include_dir

The directory should not exist, but its parent directory should exist.

path to install web panel system files ( /var/www/ezlogin ):

If you need to access the Ezeelogin jump server webpanel as  www.yourdomain.com   choose   "   /  "  & change your document root to  {your existing document root}/ezlogin. For example ,If your document root is /var/ww/html change to /var/ww/html/ ezlogin , else press enter to choose default

For example, if the DocumentRoot of http://www.yourdomain.com/ is /usr/local/apache/htdocs/yourdomain and you specified /usr/local/apache/htdocs/yourdomain/ezlogin as path to install web panel, the web panel would be accessible as http://www.yourdomain.com/ezlogin/. In this case the REQUEST-URI would be ’/ezlogin/’.

If you specified DocumentRoot itself as the path to install web panel files, it would be ’/’

URI path to access the web panel ( /ezlogin/ ):

Using remote database server for the Ezeelogin database. Enter the hostname/ip address of the remote database server or use localhost, if you are going to run the database server on the current server. 
How to configure Ezeelogin on the AWS-RDS Remote Database?

If the MySQL server is running on this system itself, use ’localhost’

MySQL server ( localhost ):

port or path to unix socket used by the MySQL server.

MySQL port/socket ( 3306 ):

Grant connectivity to Ezeelogin server  hostname/ip on the remote database server. This is not required if your MySQL server is running on localhost.

mysql> GRANT ALL PRIVILEGES ON *.* TO ’root’@’%’ IDENTIFIED BY ’PASSWORD’ WITH GRANT OPTION;

mysql> flush privileges;

Enter the username with super user (root) privileges for the database server.

This is usually ’root’, sometimes ’admin’ etc.

MySQL super user ( root ):

Please enter the password for the database super user.

MySQL super user password:

Do NOT enable this if you are not sure. You can always manually enable it after installation as well. This is useful only if you will be setting up master/slave node for redundancy.

Enable this option to use MySQL SSL connectivity when using a cluster so that mysql communication between the primary and secondary gateways would be encrypted

Do you want to use secure MySQL connection (yes/no) ? ( no ):

 Refer the below articles to configure MySQL SSL configuration

If you are using  SSL for AWS RDS, you can specify  "mysql_ssl_ca   /var/lib/mysql/rds-combined-ca-bundle.pem" in /usr/local/etc/ezlogin/ez.conf

Enter the ezlogin Administrator username (less than 21 chars).

This user should not exist on this system. It will be created.

admin user ( ezadm118 ): 

Enter the password for ezlogin Administrator.

admin password ( }AkJy.%R3TQaX(P ):

Enter the security code for ezlogin Administrator.

security code ( FIyW6x7Lbz ):

Whether web panel should force HTTPS (secure) protocol or not. [yes/no]

Force HTTPS for web panel? ( no ):

Review settings:

Install web panel files in                                  : /var/www/html/ezlogin/

Install web panel system files in                           : /var/www/ezlogin/

URI path to access web panel                                : /ezlogin/

MySQL server                                                : localhost

MySQL port/socket                                           : 3306

MySQL database                                              : ezlogin_jzgzs

MySQL user                                                  : ezlogin_xnyqwd

MySQL password                                              : !T3}3w$czV$6VrWxG)kn{5&3t5

Force HTTPS for web panel?                                  : no

Secure MySQL connection?                                    : no

Admin user                                                  : admin

Admin password                                              : }AkJy.%R3TQaX(P

Admin security code                                         : FIyW6x7Lbz

Note these down for future reference. Certain values such as passwords cannot be retrieved after setup.

Accept the above settings? (y/n/x) :

Creating and setting up database... done

Adding ezsh to shells... done

Creating group and users... done

Creating directories... done

Copying files... done

Setting access... done

Setting file modes... done

Setting file owners... done

Setting file groups... done

Setting up config... done

Setting up cron... done

Downloading GeoLiteCity database from www.maxmind.com... done

########################################################

Ezeelogin installed. (Log: /var/log/ezlogin_install.log )

########################################################

###################################################################

Web panel installed at:

’ /var/www/html/ezlogin/ 

http://yourdomain.com/ezlogin/ ).

###################################################################

Note: Please check the log file to see if any error occurred.

TODO NOTES:

Enable web server, MySQL server and cron to startup at boot time.

For free assistance, please contact [email protected]

Thank you for choosing Ezeelogin.

www.ezeelogin.com


Step 5(A): Access the web GUI using https:ip/ezlogin or https://domain_name/ezlogin

Step 5(B):  Access the SSH backend using SSH clients such as Putty on Windows, Terminal on Mac, or console in Linux.  

ssh ezadmin@gateway_hostname or ip

example: ssh [email protected]

jump server shell
 

To allow SSH access, password based authentication  has to be enabled or manually add the user's public key to /home/{username}/.ssh/authorized_keys. You can also follow the article  add ssh public key for passwordless authentication in ssh.

After that, you can safely disable password-based authentication in the /etc/ssh/sshd_config file.

To enable password login, set:
PasswordAuthentication yes

To disable it later, change it to:
PasswordAuthentication no


Related Articles: