JumpServer open source bastion machine page configuration

1. Login

After the installation is complete, the installer prints the access address: http://<server IP address>:8888
The default account and password are: admin/admin
After the first successful login, you will be prompted to change the account password; follow the prompts to change it.

2. Functional modules

Contains three functions: Console, Audit desk, and Workbench.

2.1. Console

Contains four functions: User Management, Asset Management, Account Management, and Authority Management.

2.1.1. User Management

2.1.1.1. User list

The default user here is the initial user admin. To add a new user, click Create.

It should be noted that the account is the one other people will later use to log in to the platform, and the password can either be set directly or sent by email.
If you choose to set a password, it is recommended to uncheck the option to change the password at next login.

2.1.1.2. User group

User groups are used to group users. If each project uses the same set of users, you can create groups by project.
You can also use the default group directly.

2.1.2. Asset Management

2.1.2.1. Asset list

2.1.2.1.1. Create server link

When creating the server asset, you need to set up an account.
After creating it, return to the asset list to check whether the asset can be connected.

2.1.2.1.2. Create database MySQL link

When creating the database asset, you need to set up an account.
After creating it, return to the asset list to check whether the asset can be connected.

2.1.2.2. Domain list

The domain function is a newly added function that solves the problem of environments (such as hybrid cloud) that cannot be connected to directly. It works by performing a jump login through a gateway server: JMS => Domain Gateway => Target Asset

It probably means a front end; that is, a gateway needs to be provided for jumping.
If the resource is an intranet resource, this function can be used for intranet access.

2.1.2.3. Platform list

My personal understanding is that this module is more like a platform description, where the corresponding platform can be configured.

2.1.2.4. Label list

When maintaining the asset list, there is an asset tree, which serves a purpose similar to labels.
The function here is to label your own assets so they can be told apart.
If there are many assets, labels can be maintained by company, project, and other dimensions.

2.1.3. Account Management

2.1.3.1. Account list

During asset management and maintenance, we need to enter accounts, namely server accounts, database accounts, etc., and these accounts are uniformly maintained here.

2.1.3.2. Account template

When adding an account on the account list page, there is an "add from template" option.
If there are many accounts with the same name and password, this function can be used to save time.

2.1.3.3. Account push

I don't understand what it is for ☺☺☺

2.1.4. Authority management

2.1.4.1. Asset authorization

Set permissions for users, user groups, and assets.

2.1.4.2. User login

When a user logs in to the system, the login can be checked against the user's login IP and time period to determine whether the user is allowed to log in.
The function is similar to a whitelist.
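
The following Python example is added here to show how a whitelist-style login rule of this kind can be evaluated by source IP and time period; it is not JumpServer's code and not part of the original post. The `LoginRule` structure, its field names, and the sample rules are assumptions constructed for the example.

```python
# Added illustration: a simplified model of a login rule, not JumpServer code.
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class LoginRule:  # hypothetical structure for this example
    user: str
    networks: tuple      # allowed source networks, CIDR notation
    weekdays: frozenset  # allowed days, Monday=0 .. Sunday=6
    start: time          # window start (local time)
    end: time            # window end; earlier than start means it wraps midnight

    def ip_allowed(self, source_ip):
        addr = ip_address(source_ip)  # raises ValueError on garbage input
        return any(addr in ip_network(net) for net in self.networks)

    def time_allowed(self, when):
        now, day = when.time(), when.weekday()
        if self.start <= self.end:
            return day in self.weekdays and self.start <= now <= self.end
        if now >= self.start:  # evening part of a wrapping window
            return day in self.weekdays
        if now <= self.end:    # morning part belongs to the previous day's window
            return (day - 1) % 7 in self.weekdays
        return False


def can_log_in(rules, user, source_ip, when):
    """Default deny: allow only when a rule for this user matches IP and time."""
    try:
        return any(r.user == user and r.ip_allowed(source_ip)
                   and r.time_allowed(when) for r in rules)
    except ValueError:
        return False  # unparsable source address is rejected, not ignored


# Constructed sample rules (documentation address ranges, made-up user names).
RULES = [
    LoginRule("ops1", ("10.20.0.0/16",), frozenset(range(5)), time(9, 0), time(18, 0)),
    LoginRule("oncall", ("192.0.2.10/32",), frozenset(range(5)), time(22, 0), time(6, 0)),
]

if __name__ == "__main__":
    print(can_log_in(RULES, "ops1", "10.20.3.4", datetime(2024, 1, 8, 10, 0)))
    print(can_log_in(RULES, "oncall", "192.0.2.10", datetime(2024, 1, 13, 2, 0)))
```

A user with no matching rule is denied, and a window such as 22:00 to 06:00 is attributed to the day on which it started.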

2.1.4.3. Command filtering

Set up command groups first, such as common delete, add, and modify commands, and then create command filters, which can target dimensions such as user groups, users, assets, and specified users.


2.2. Audit desk

Contains two functions: Session audit and Log audit.
These are roughly log records, which make it convenient to trace operations on resources.

2.3. Workbench

Contains four functions: My Assets, Web Terminal, File Management, and Job Center.

Among them, the Web terminal can set permissions for third-party use.
The database can also be connected through this page.

3. Summary

1. If it is provided to a third party to access resources, the following address can be used:

http://<IP address>:8888/core/auth/login/?next=/luna/

After logging in, you will be redirected directly to the web terminal.

2. Contents that require skilled operation:

User Management -> User list
Asset Management -> Asset list
Authority Management -> Asset authorization, User login, Command filtering.

3. It should be noted that if it is an intranet server, the port configured by JumpServer needs to be open to the outside world.

JumpServer open source bastion machine installation and configuration: https://blog.csdn.net/qq_38254635/article/details/131438406

Reference link: JumpServer v3.0 bastion host manual: https://www.bookstack.cn/read/jumpserver-3.0-zh/05c6e1fe328d81ca.md


Origin blog.csdn.net/qq_38254635/article/details/131441770