Jump to content


Photo

TNI Scan on Ubuntu client machine


  • Please log in to reply
10 replies to this topic

#1 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 03 October 2019 - 07:43 AM

Hi,

 

I am trying to add our Linux based computers to TNI.  I have tried the two possible ways:

 

1- I tried copying the tnilinagent and tnilinagent_x64 from the server's "C:\Program Files (x86)\Total Network Inventory" folder to a local folder on my Ubuntu machine.  I chmod 755 the files and tried launching the scripts by entering :

 

1A- "./tnilinagent"   ->    I get "./tnilinagent: line 42: /home/lifuser/tmp.REdDcvEd1P/tnilinagent: no such file or directory" (or something close since my ubuntu system is in french)

1B- "sudo ./tnilinagent"    ->    After entering the password for "lifuser" I get "./tnilinagent: line 42: /home/lifuser/tmp.REdDcvEd1P/tnilinagent: no such file or directory" (or something close since my ubuntu system is in french)

1C- "./thilinagent_x64"     ->    I get "Error: Insufficient privileges to run the application."

1D- "sudo ./tnilinagent_x64"     ->     After entering the password for "lifuser" I get "Error: Insufficient privileges to run the application."

 

2- I also tried launching the scan from the TNI server. 

 

2A- I installed openssh-server on my ubuntu machine and made sure I can connect from the server using putty and the "lifuser" user

2B- In TNI, I entered the ip address of my client machine, I created a new SSH user using the "lifuser" credentials

2C- I launch the scan, TNI connects to the client machine (I tried putting the wrong password and it gives me an authentication fail).

2D- TNI does the following steps (analyzing ports, connection, copying files, analyzing) and then it fails with the error: "Fail : SSH [sudo] password for lifuser : Sorry, try again" (again my error message is in french so please forgive my (maybe) bad translation).

 

Could you help me with this situation please?

 

Thanks in advance and have a nice day!



#2 Alex

Alex

    Support

  • Administrators
  • PipPipPip
  • 248 posts
  • Gender:Male

Posted 04 October 2019 - 01:46 AM

Hello,

 

Thanks for your message.

 

Please let us know what Linux version you are trying to scan.

 

Usually these two commands should run the agent without a problem if you are using an account with administrative privileges:

chmod 755 tnilinagent_x64
tnilinagent_x64

 

Have you tried performing the scan using the root account? Let us know if "lifuser" is in the sudoers group?



#3 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 04 October 2019 - 11:01 AM

I am trying to scan a Ubuntu Desktop 18.04.3 LTS 64bits machine.  Ubuntu doesn't create a root account, it instead creates a normal account with sudo privileges.  lifuser is in the sudoers group and is the only account on this machine.  I tried running the two commands you specified but with the result I have written in my first post.

 

Thank you for your help... 



#4 Alex

Alex

    Support

  • Administrators
  • PipPipPip
  • 248 posts
  • Gender:Male

Posted 07 October 2019 - 06:08 AM

Thanks for the information. We'll check the scanning agent on this Ubuntu version and let you know the result. 



#5 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 07 October 2019 - 09:30 AM

Thank you for the follow up!  :D  I'll be waiting!



#6 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 22 October 2019 - 11:04 AM

Any update on this?



#7 Alex

Alex

    Support

  • Administrators
  • PipPipPip
  • 248 posts
  • Gender:Male

Posted 24 October 2019 - 03:49 AM

We apologize for the delay.

 

We've checked all possible scenarios on this Ubuntu version, but we haven't encountered this problem on both root and standard users. Please try one of the following solutions:

 

1. Create a new user and add it to the sudoers group. There may be a problem with your current user.

 

2. You can enable the root account and use it to perform the scan:

a. Use the following command to change or create the root password:

sudo passwd root

b. Edit the OpenSSH config:

sudo gedit /etc/ssh/sshd_config

Change the "PermitRootLogin" string to "yes" and make sure the line is not a comment.

 

c. Restart the SSH service:

sudo systemctl restart ssh.service

After that, try scanning this computer remotely using the root credentials.



#8 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 25 October 2019 - 04:23 AM

Hi Alex!

 

I tried following the mentioned steps and everything went smoothly.  I'm a little concerned about security issues with having to allow SSH from the root account though.  It's normally best practice to disable SSH Login from root account.  I'll try with another account than the "lifuser" account.  Maybe there's something wrong with it...  Just for testing purpose, I have reset the root password to the same as the "lifuser" account and from the TNI Server, I get a fail when I try to scan using "lifuser" credentials but a successful scan using the root account.  I tried verifying each account's sudo permissions and they are the same.

 

Again, thank you for your help!



#9 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 25 October 2019 - 04:46 AM

I tried again with the "lifuser" user and here is what I see on the client in the /var/log/auth.log file

 

Oct 25 08:42:11 lif-p45190 sshd[4740]: Did not receive identification string from 192.168.10.228 port 1464
Oct 25 08:42:11 lif-p45190 sshd[4741]: Accepted password for lifuser from 192.168.10.228 port 1468 ssh2
Oct 25 08:42:11 lif-p45190 sshd[4741]: pam_unix(sshd:session): session opened for user lifuser by (uid=0)
Oct 25 08:42:11 lif-p45190 systemd-logind[851]: New session 10 of user lifuser.
Oct 25 08:42:11 lif-p45190 sudo: pam_unix(sudo:auth): authentication failure; logname=lifuser uid=1000 euid=0 tty=/dev/pts/1 ruser=lifuser rhost=  user=lifuser
Oct 25 08:42:13 lif-p45190 sudo: pam_unix(sudo:auth): conversation failed
Oct 25 08:42:13 lif-p45190 sudo: pam_unix(sudo:auth): auth could not identify password for [lifuser]
Oct 25 08:42:13 lif-p45190 sudo:  lifuser : 1 incorrect password attempt ; TTY=pts/1 ; PWD=/home/lifuser/.tnilinagent_x64 ; USER=root ; COMMAND=./tnilinagent_x64 /silent /ip:172.16.24.210 /login:linux LIF
Oct 25 08:42:14 lif-p45190 sshd[4805]: Received disconnect from 192.168.10.228 port 1468:11: TNI session terminated.
Oct 25 08:42:14 lif-p45190 sshd[4805]: Disconnected from user lifuser 192.168.10.228 port 1468
Oct 25 08:42:14 lif-p45190 sshd[4741]: pam_unix(sshd:session): session closed for user lifuser
Oct 25 08:42:14 lif-p45190 systemd-logind[851]: Removed session 10.
 
"linux LIF" is the name of the user profile to use in the TNI Server.  Can you see something wrong in this log?


#10 Alex

Alex

    Support

  • Administrators
  • PipPipPip
  • 248 posts
  • Gender:Male

Posted 28 October 2019 - 04:48 AM

Hello,

 

I've checked the log, and if I am not mistaken, this may be the PAM auth module problem. In any case, we were unable to reproduce this issue in our environment.

 

Not sure if this will help, but a similar problem is described on this page:

https://stackoverflo...fy-password-for



#11 mathdufort

mathdufort

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 13 November 2019 - 01:04 PM

Thank you for getting back with a possible solution. I will try messing with PAM and get back if it worked or not!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users