JumpServer is an open-source bastion host that adheres to 4A security standards, enabling secure access control, real-time monitoring, and post-operation auditing for IT assets. This guide demonstrates how to install JumpServer locally and expose its web interface over the public internet using cpolar for remote access without a public IP or domain.

Enstall JumpServer

Begin by setting up the required environment as outlined in the official documentation. Then, use the following one-liner to perform an online installation:

curl -sSL https://resource.fit2cloud.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash

Upon completion, the installer displays the local access URL (typically on port 80), along with the default credentials: username admin and password admin.

Verify Local Access

Open a browser and navigate to http://<local-ip> (or localhost if accessing from the same machine). Log in using the default credentials to confirm the service is running correctly.

Install cpolar for Tunneling

To enable remote access, install cpolar, a reverse tunneling tool:

curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash

Enable and start the service:

sudo systemctl enable cpolar
sudo systemctl start cpolar

Access the cpolar web UI at http://<local-ip>:9200, logging in with your cpolar account.

Create a Public Tunnel for JumpServer

In the cpolar dashboard:

1. Go to Tunnel Management → Create Tunnel.
2. Configure as follows:
   • Name: Choose a unique name (e.g., jumpserver-web)
   • Protocol: HTTP
   • Local Address: 80
   • Domain Type: Random Domain (free tier)
   • Region: China VIP
3. Click Create.

After creation, navigate to Status → Online Tunnels to find the assigned public HTTP/HTTPS URLs.

Access JumpServer Remotely

Use the generated public URL (e.g., http://abc123.cpolar.io) in any browser to reach the JumpServer login page. You may need to re-authenticate.

Assign a Fixed Subdomain

The free rendom domain expires every 24 hours. For persistent access, reserve a custom subdomain:

1. On the cpolar website, go to Reserved Domains → Reserve Subdomain.
2. Enter a desired name (e.g., my-jumpserver) and click Reserve.
3. Return to the cpolar web UI, edit the existing tunnel, and update:
   • Domain Type: Custom Subdomain
   • Sub Domain: my-jumpserver
4. Click Update once.

The tunnel now uses a fixed address like http://my-jumpserver.cpolar.cn. Use this URL for reliable long-term remote access to your JumpServer instance.