Jump to content

TNI Scan on Ubuntu client machine


Recommended Posts

Hi,

 

I am trying to add our Linux based computers to TNI.  I have tried the two possible ways:

 

1- I tried copying the tnilinagent and tnilinagent_x64 from the server's "C:\Program Files (x86)\Total Network Inventory" folder to a local folder on my Ubuntu machine.  I chmod 755 the files and tried launching the scripts by entering :

 

1A- "./tnilinagent"   ->    I get "./tnilinagent: line 42: /home/lifuser/tmp.REdDcvEd1P/tnilinagent: no such file or directory" (or something close since my ubuntu system is in french)

1B- "sudo ./tnilinagent"    ->    After entering the password for "lifuser" I get "./tnilinagent: line 42: /home/lifuser/tmp.REdDcvEd1P/tnilinagent: no such file or directory" (or something close since my ubuntu system is in french)

1C- "./thilinagent_x64"     ->    I get "Error: Insufficient privileges to run the application."

1D- "sudo ./tnilinagent_x64"     ->     After entering the password for "lifuser" I get "Error: Insufficient privileges to run the application."

 

2- I also tried launching the scan from the TNI server. 

 

2A- I installed openssh-server on my ubuntu machine and made sure I can connect from the server using putty and the "lifuser" user

2B- In TNI, I entered the ip address of my client machine, I created a new SSH user using the "lifuser" credentials

2C- I launch the scan, TNI connects to the client machine (I tried putting the wrong password and it gives me an authentication fail).

2D- TNI does the following steps (analyzing ports, connection, copying files, analyzing) and then it fails with the error: "Fail : SSH [sudo] password for lifuser : Sorry, try again" (again my error message is in french so please forgive my (maybe) bad translation).

 

Could you help me with this situation please?

 

Thanks in advance and have a nice day!

Link to post
Share on other sites

Hello,

 

Thanks for your message.

 

Please let us know what Linux version you are trying to scan.

 

Usually these two commands should run the agent without a problem if you are using an account with administrative privileges:

chmod 755 tnilinagent_x64
tnilinagent_x64

 

Have you tried performing the scan using the root account? Let us know if "lifuser" is in the sudoers group?

Link to post
Share on other sites

I am trying to scan a Ubuntu Desktop 18.04.3 LTS 64bits machine.  Ubuntu doesn't create a root account, it instead creates a normal account with sudo privileges.  lifuser is in the sudoers group and is the only account on this machine.  I tried running the two commands you specified but with the result I have written in my first post.

 

Thank you for your help... 

Link to post
Share on other sites
  • 3 weeks later...

We apologize for the delay.

 

We've checked all possible scenarios on this Ubuntu version, but we haven't encountered this problem on both root and standard users. Please try one of the following solutions:

 

1. Create a new user and add it to the sudoers group. There may be a problem with your current user.

 

2. You can enable the root account and use it to perform the scan:

a. Use the following command to change or create the root password:

sudo passwd root

b. Edit the OpenSSH config:

sudo gedit /etc/ssh/sshd_config

Change the "PermitRootLogin" string to "yes" and make sure the line is not a comment.

 

c. Restart the SSH service:

sudo systemctl restart ssh.service

After that, try scanning this computer remotely using the root credentials.

Link to post
Share on other sites

Hi Alex!

 

I tried following the mentioned steps and everything went smoothly.  I'm a little concerned about security issues with having to allow SSH from the root account though.  It's normally best practice to disable SSH Login from root account.  I'll try with another account than the "lifuser" account.  Maybe there's something wrong with it...  Just for testing purpose, I have reset the root password to the same as the "lifuser" account and from the TNI Server, I get a fail when I try to scan using "lifuser" credentials but a successful scan using the root account.  I tried verifying each account's sudo permissions and they are the same.

 

Again, thank you for your help!

Link to post
Share on other sites

I tried again with the "lifuser" user and here is what I see on the client in the /var/log/auth.log file

 

Oct 25 08:42:11 lif-p45190 sshd[4740]: Did not receive identification string from 192.168.10.228 port 1464
Oct 25 08:42:11 lif-p45190 sshd[4741]: Accepted password for lifuser from 192.168.10.228 port 1468 ssh2
Oct 25 08:42:11 lif-p45190 sshd[4741]: pam_unix(sshd:session): session opened for user lifuser by (uid=0)
Oct 25 08:42:11 lif-p45190 systemd-logind[851]: New session 10 of user lifuser.
Oct 25 08:42:11 lif-p45190 sudo: pam_unix(sudo:auth): authentication failure; logname=lifuser uid=1000 euid=0 tty=/dev/pts/1 ruser=lifuser rhost=  user=lifuser
Oct 25 08:42:13 lif-p45190 sudo: pam_unix(sudo:auth): conversation failed
Oct 25 08:42:13 lif-p45190 sudo: pam_unix(sudo:auth): auth could not identify password for [lifuser]
Oct 25 08:42:13 lif-p45190 sudo:  lifuser : 1 incorrect password attempt ; TTY=pts/1 ; PWD=/home/lifuser/.tnilinagent_x64 ; USER=root ; COMMAND=./tnilinagent_x64 /silent /ip:172.16.24.210 /login:linux LIF
Oct 25 08:42:14 lif-p45190 sshd[4805]: Received disconnect from 192.168.10.228 port 1468:11: TNI session terminated.
Oct 25 08:42:14 lif-p45190 sshd[4805]: Disconnected from user lifuser 192.168.10.228 port 1468
Oct 25 08:42:14 lif-p45190 sshd[4741]: pam_unix(sshd:session): session closed for user lifuser
Oct 25 08:42:14 lif-p45190 systemd-logind[851]: Removed session 10.
 
"linux LIF" is the name of the user profile to use in the TNI Server.  Can you see something wrong in this log?
Link to post
Share on other sites

Hello,

 

I've checked the log, and if I am not mistaken, this may be the PAM auth module problem. In any case, we were unable to reproduce this issue in our environment.

 

Not sure if this will help, but a similar problem is described on this page:

https://stackoverflow.com/questions/57657645/pam-unixsudoauth-conversation-failed-auth-could-not-identify-password-for

Link to post
Share on other sites
  • 3 weeks later...
  • 1 year later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...