Jumpserver Overview and Step‑by‑Step Installation Guide (Online and Offline)

Jumpserver Overview

Jumpserver is an open‑source bastion host system developed with Python and Django that offers authentication, authorization, auditing, and automated operations for enterprises, supporting SSH, Telnet, RDP and VNC protocols.

Features

Accurate command recording

Batch file upload/download

Host search and login

Batch command execution (via Ansible)

WebTerminal host connection

Web‑based batch command execution

Session video playback

Hardware information collection (CPU, memory, etc.)

Asset Excel import/export

Bulk asset modification

Bulk system‑user provisioning (Ansible)

Fine‑grained authorization for users, hosts, groups, and system users

Sudo management

Command statistics and search

Upload/download file audit

Terminate user connections

Various search capabilities

Other miscellaneous functions

Backend relies on LDAP for centralized authentication; passwords are stored encrypted in the database and passed to target hosts via the pexpect module.

Advantages

Open‑source, zero‑threshold, quick online acquisition and installation

Distributed architecture, easy to support large‑scale concurrent access

No plugins required; pure browser‑based Web Terminal experience

Multi‑cloud support – a single system can manage assets across different clouds

Cloud‑based audit video storage, never lost

Multi‑tenant – multiple subsidiaries or departments can share one instance

Supports databases, Windows remote applications, Kubernetes, etc.

Official website: https://www.jumpserver.org/

Documentation: https://docs.jumpserver.org/zh/master/

GitHub releases: https://github.com/jumpserver/jumpserver/releases

Environment Requirements

One 64‑bit Linux host with at least 4 CPU cores and 8 GB RAM, and internet access

Root privileges (prefer a fresh environment to avoid conflicts)

Disable iptables and selinux

Install required tools: wget , git , curl

yum -y install wget git curl

Online Deployment of Jumpserver

Multiple deployment methods exist (online/offline, Linux/Windows/macOS, manual/one‑click/source/Helm/All‑in‑One). This guide uses the one‑click script provided by the official site.

Download and execute the official script

curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.25.1/quick_start.sh | bash

The script will prompt for confirmations; pressing Enter accepts the defaults. Configuration file is located at /opt/jumpserver/config/config.txt .

Installation steps performed by the script

Check configuration file

Install Docker and Docker‑Compose

Configure Docker

Start Docker and enable auto‑start

Pull required Docker images (Redis, MariaDB, web, core, koko, lion, magnus)

Install Jumpserver, including: Generate encryption keys Set persistent directories Configure MySQL Configure Redis Expose external ports Initialize the database

Finish installation and display access information

After installation, access the web UI at http:// IP :80 with the default credentials admin / admin .

Offline Deployment of Jumpserver

Download the latest Linux/amd64 offline package (≈1.5 GB) from the official community, upload it to /opt on the target server, and extract it.

mv jumpserver-offline-installer-v2.25.2-amd64-67.tar.gz /opt/
cd /opt
tar -xf jumpserver-offline-installer-v2.25.2-amd64-67.tar.gz
mv jumpserver-offline-installer-v2.25.2-amd64-67 jumpserver
cd /opt/jumpserver

Edit the configuration template as needed (or accept autogenerated values). Example configuration snippet:

VOLUME_DIR=/opt/jumpserver
DOCKER_DIR=/var/lib/docker
SECRET_KEY=
BOOTSTRAP_TOKEN=
LOG_LEVEL=ERROR
USE_EXTERNAL_MYSQL=0
DB_HOST=mysql
DB_PORT=3306
DB_USER=root
DB_PASSWORD=
DB_NAME=jumpserver
USE_EXTERNAL_REDIS=0
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=
COMPOSE_PROJECT_NAME=jms
COMPOSE_HTTP_TIMEOUT=3600
DOCKER_CLIENT_TIMEOUT=3600
DOCKER_SUBNET=192.168.250.0/24
USE_IPV6=0
HTTP_PORT=80
SSH_PORT=2222
CLIENT_MAX_BODY_SIZE=4096m
USE_TASK=1
USE_XPACK=0
RDP_PORT=3389
SESSION_EXPIRE_AT_BROWSER_CLOSE=True
CORE_HOST=http://core:8080
JUMPSERVER_ENABLE_FONT_SMOOTHING=True
SERVER_HOSTNAME=${HOSTNAME}

The offline installation is faster because it avoids pulling large Docker images from the internet. After the script finishes, you will see a summary similar to the online method.

# Install Jumpserver
./jmsctl.sh install
# Start Jumpserver
./jmsctl.sh start

When the service starts, the web UI is reachable at http:// IP :80 . The first login uses admin / admin ; you will be prompted to change the password.

Jumpserver Command Reference

# Change to the Jumpserver directory
cd /opt/jumpserver
# Install Jumpserver
./jmsctl.sh install
# Upgrade Jumpserver
./jmsctl.sh upgrade [version]
# Check for updates
./jmsctl.sh check_update
# Start Jumpserver
./jmsctl.sh start
# Stop Jumpserver
./jmsctl.sh stop
# Close Jumpserver
./jmsctl.sh close
# Restart Jumpserver
./jmsctl.sh restart
# Check running status
./jmsctl.sh status
# Uninstall Jumpserver
./jmsctl.sh uninstall
# Show help
./jmsctl.sh -h

Web UI Access

Open http:// IP :80 in a browser. The default account is admin with password admin ; change the password after the first login.