[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1808
  • Last Modified:

How to configure ttysnoop?

I am having fedora core 6 server. I want to monitor the user activity using ttysnoop. I want to know how to configure ttysnoop in fedora core 6?
0
rajasekarramasamy
Asked:
rajasekarramasamy
  • 4
  • 3
1 Solution
 
mail2prabirCommented:
a nice administrator tool called TTYSNOOP, permits to watch what other persons are doing in other terminals. Usefull for security people.

Steps:
1) Download openssh from http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/
wget http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
2) Uncompress it
tar zxvf openssh-4.6p1.tar.gz
3) Compile it, you have to set the "login" program that ssh has to use !
cd openssh-4.6p1
export LOGIN_PROGRAM="/sbin/foo_login"
cd openssh-4.6p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam --with-tcp-wrappers
make
make install

4) Modify the sshd_config file, should be located in /etc/ssh/sshd_config and change these variables:
PasswordAuthentication yes
UseLogin yes

Compile ttysnoop
5) Download ttysnoop from http://freshmeat.net/redir/ttysnoop26/
wget http://freshmeat.net/redir/ttysnoop26/50871/url_tgz/ttysnoop-0.12d.k26.tar.gz
6) tar xzvf ttysnoop-0.12d.k26.tar.gz
7) cd ttysnoop-0.12d.k26
8) make
9) make install

10) Copy the new login from ttysnoop:
cp ttysnoops /sbin/foo_login
11) This directory is not created, you have to do it:
mkdir /var/spool/ttysnoop

12) copy snooptab.dist to /etc
cp snooptab.dist /etc/snooptab

13) Edit /etc/snooptab
Comment all lines except:
* socket login /bin/login

Now you can use it:
#w
wlamagna pts/1 192.168.2.20 16:51 0.00s 1:42 0.01s login -- wlamagna

In another terminal write this to snoop terminal 1.
#ttysnoop 1
0
 
rajasekarramasamyAuthor Commented:
0
 
mail2prabirCommented:
sorry for the broken link. it is available on
http://freshmeat.net/projects/ttysnoop26/
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
rajasekarramasamyAuthor Commented:
when i type ttysnoop 4 it showing this error

Can't connect to server
0
 
mail2prabirCommented:
#w wlamagna pts/1 192.168.2.20 16:51 e 0.00s 1:42 0.01s login -- wlamagna

did you change the ip address here to suit your setup?
0
 
rajasekarramasamyAuthor Commented:
I need to enter this line  at command prompt? . Please explain the command below.

#w wlamagna pts/1 192.168.2.20 16:51 e 0.00s 1:42 0.01s login -- wlamagna

I enterd only ttysnoop 4.
0
 
rajasekarramasamyAuthor Commented:
kindly explain this line

#w wlamagna pts/1 192.168.2.20 16:51 e 0.00s 1:42 0.01s login -- wlamagna
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now