After verifying the password, workflows and MFA, we launch the proxy to server connection and redirect in / out / err flows between these two connections. Like with the keystrokes recording case, we support recording the text that the user typed inside the session. To catch the transferred files, we provided support for the SCP / SFTP protocols, and we can save all transferred files on the server so that the supervisor can view them later.
We also have our interactive shell in this proxy. It goes into effect if the user did not correctly enter the remote server’s record ID, record name, or IP address. We made basic commands in the shell to display the records for which the user has rights and can connect to the record directly from the shell. In this case, if the user logs out of the remote session (presses ctrl-d or logout), then they go back to the shell.