ttysnoop for kernel 2.6
This project was made by a friend of mine, Vinicius Anselmo. He
discontinued it's development (as it showed to be incompatible with
later Linux kernels), so I proposed to host his work on my site.
First you will need the source code of the
Now it is necessary to verify the paths, so that the new executable
uses the same configuration files of your system. For my system I solved making this modification in
And executing the script configure specifying a null prefix:
Now compile the program. Make a backup copy of your
I use: who -u | grep -v ?
to see who really is on my system. I don't know how to solve it.
ttysnoop
is a small program made by Carl Declerck that allows an
administrator to snoop on login terminal through another. It worked until kernel 2.4 because they still with BSD-style pty
's
support. Here it is a solution for 2.6.Screenshot:
SSH:
Is ttysnoop compatible withsshd
? ttysnoop was created to work with inetd
, however,
there is a way to make it work with sshd
.First you will need the source code of the
sshd
. Edit the file configure
and add these lines:LOGIN_PROGRAM="/sbin/ttysnoops"
export LOGIN_PROGRAM
pathnames.h
:// #ifndef SSHDIR
#define SSHDIR ETCDIR "/ssh"
// #endif
./configure --prefix=
/usr/sbin/sshd
and put your new sshd
in the
place. That should work. If you are using RedHat or Fedora Core you can try to use my
executable (see below).Bugs:
After log out, it doesn't remove the pseudo-terminal entry. Meaning people showed up as still logged in when they weren't.I use: who -u | grep -v ?
to see who really is on my system. I don't know how to solve it.
stas » May 4, 2006 » 13:09
29820 reads
|