Детали

Сергей Попцов создал 6 дней назад

Сергей Попцов обновил 6 дней назад

Действующие разрешения книги

Действия

Версии

How to Remove Passwords Entered by Users Inside SSH Sessions from the Logs

If users know account passwords and enter them inside SSH sessions, these passwords appear in the logs in plain text — this is JumpServer's default behavior for any user input.

To change this behavior:

Open the configuration file:

vi /opt/jumpserver/config/config.txt

Add the following line at the end of the file:

DISABLE_INPUT_AS_COMMAND=true

Restart the application:

jmsctl restart

After this, passwords will no longer be saved in the logs.

Note: Only passwords entered in response to a password prompt (for example, after running the sudo command) will not be logged.
If a user types their password somewhere else — for example, into a text file — the password will still appear in the command logs.

Наверх

Getting Started Guide for JumpServer PoC

Installation JumpServer Enterprise Edition

Installation JumpServer Community Edition

JumpServer HA-cluster configuration

HAProxy configuration for JumpServer HA-cluster

Operation and Maintenance with command line jmsctl

JumpServer port discription

Installing SSL Certificates and Configuring HTTPS

Configuring Correct User IP Display When Using HAProxy Authentication

How to Save Transferred Files in JumpServer

Where Does JumpServer Store Copies of Files Transferred via SFTP and RDP?

How to Remove Passwords Entered by Users Inside SSH Sessions from the Logs

Syslog configuration

Configuring External Storage for Session Recordings in JumpServer

How to Set the Correct Date and Time in JumpServer?

RDP Session Video Compression: Configuring Video-Worker

Active Directory synchronization with AD groups

How to enable 2FA(TOTP) auth

Installing OpenSSH for account management for Windows

RemoteApp configuration for application publishing

Setting up Panda for application publishing(alternative to RemoteApp)

Changing the lifetime and reusability of connection tokens in JumpServer

How to configure access to asset web-interface, HTTP session configuration

Command filter configuration for SSH and database queries

How to connect to domain assets using a single domain account?

Automatic privilege escalation when connecting via SSH

Creating Accounts and SSH Keys on the Target System (Push Accounts)

Discovering Unmanaged Accounts (Discover Accounts)

Changing the Default Directory for SFTP Connections

Configuring Asset Discovery in Local Networks and Cloud Platforms

Connecting to Target Systems: All Possible Options

Opening RDP Sessions in Remote Desktop Manager (Devolutions)

Supported Database Types and Connection Methods

Installing, Configuring, and Using JumpServer Client

Connecting to Systems Using the SSH Selector in JumpServer

How to check system status and container logs

RemoteApp Troubleshooting

Custome Applet structure for RemoteApp

How to Write API Requests Using Cursor AI

Developing Custom Applications for Panda

How to Remove Passwords Entered by Users Inside SSH Sessions from the Logs