JumpServer RDP: session logs and transfering files
Updated: Feb 22
We'll test the RDP connection to see if file transfer and clipboard features are really blocked. We'll also check how session logging works.
Why am I doing this? After years of working with different Privileged Access Management (PAM) systems, I've noticed that the documentation and features often don't match how the control of different types of connections actually works in PAM.
Theare two ways to start RDP session in JumpServer: RDP in WebUI and Native Client(only Enterprise Edition).
You can see results in this table:
| RDP WebGUI | Native RDP Client |
Video recording | yes | yes |
Clipboard support | yes | yes |
File Transfer support | yes | yes |
File Transfer Logging | yes (saving copy of transfered files) | no |
Clipboard Logging | no | no |
Clipboard Blocking | yes (can block copy,paste or both) | yes (can block copy,paste or both) |
File Transfer Blocking | yes (can block download,upload or both) | yes (can block download,upload or both) |
Keystroke logging | yes | no |
How RDP connection works?
Started RDP WebGUI, on the right side I can see additional panel:
Here I can send control buttons to RDP (its very usefull) and also I can open UI for Clipboard and File Transfer.
Also I can use Drag&Drop to RDP session and my file will appear in special virtual disk:
What I can see in session logs?
Video with timstamps of entered keystrokes:
Logged keystrokes in session commands:
Transfered files with ability to download copy of transfered file:
Comments