lijiahangmax / orion-visor Goto Github PK

建议支持jumpserver到orion-visor的机器同步

我在老版本看见有应用发布的，这个版本是下掉了吗？

建议支持阿里云/腾讯云/aws/华为云主机实例同步到系统

能不能加一下对各服务器的监控和警告
比如CPU内存磁盘连通性等等的监控，运行某些命令脚本，失败了之后发告警到一些通讯平台

Is your feature request related to a problem?

I think a relatively secure operation and maintenance tool should support at least one MFA verification method. This tool interface looks logical, but the lack of MFA makes it easier for accounts to be stolen.

Describe the solution you'd like

At least one two-step verification method, here we take virtual MFA as an example.
When creating a user, allow the user to bind a virtual MFA device, such as Microsoft Authenticator. When the user logs in, require the user to use the bound MFA method for identity authentication at the same time. When the user performs high-risk operations such as data changes, require the use of MFA for further verification

Is there some similar software?

You can refer to this project, which is also open source and focuses on security, but the information presented in the interface is not as elegant as this project.

Additional context

Here are some documents that may help.

• RFC 6238

SQL: INSERT INTO host ( type, name, code, address, port, status, config, create_time, update_time, creator, updater, deleted ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )

Cause: java.sql.SQLSyntaxErrorException: Unknown column 'type' in 'field list'

; bad SQL grammar []; nested exception is java.sql.SQLSyntaxErrorException: Unknown column 'type' in 'field list'

如题

win RDP主机全部失败

另外建议增加 代理 功能（可以通过代理缓解墙外机器卡顿、断联、联结失败的情况，可以参考：Next Terminal）

我已经帮助如下的一些项目实现了 e2e 接口测试，如果您希望能 e2e 的话，我愿意帮忙实现。期待收到回复。

LinuxSuRen/api-testing#284

Describe the bug
If a request is made to the orion-visor using either of the reverse proxy technologies, even with the X-Real-IP and X-Forward-for request headers set, the retained address is the address of the jumper and not the initiator's real address.

To Reproduce

1. Install orion-visor and nginx on the test machine
2. Create the following configuration for nginx:

location / {
    proxy_pass  http://127.0.0.1:1081;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

3. Check the IP address left in the "留痕地址" after logging into the service using the nginx address

Expected behavior
The program correctly recognizes the X-Real-IP and X-Forwarded-For headers, presenting the visitor's real IP address in the background "留痕地址"

堡垒机在国内常见的用途就是做跳机和审计日志，比如知名度较高的 jumpserver，功能已经相对丰富了，如果在日志审计的多做点设计，应该会成为亮点

exec_log表和exec_template表command字段text类型长度不够，导致脚本保存失败

感谢各位小伙伴的信任与支持，如果您是使用此项目完成的公司项目，希望您留下您的个人、公司或组织信息：
格式如下：

兄弟, 考虑加个批量导入机器的功能吗, 一个个加太麻烦

安装后登录后台 提示Request failed with status code 502

服务器有两个ip,如何让服务用我指定的ip