This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Re: LinuxWrongSudoPassword
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-12-2018 03:32 PM
Hello,
I have a Debian Linux 9.3 VM. I created a lansweeper user for scanning and added and mapped the credentials in Lansweeper. It was able to scan the VM without any issues, except that it's throwing an error LinuxWrongSudoPassword. So I saw that Lansweeper tries to run dmidecode to get more info on the hardware. OK, no problem, but I had already added the lansweeper user to the sudo group and tested it by logging in as lansweeper via SSH and running sudo dmidecode, providing the same password I logged in with via SSH and it works.
So what is Lansweeper passing for the password and why is it different than the credentials that were used to connect via SSH in the first place?
On the server side, I receive the following on each scan:
Feb 11 12:13:06 : lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V
I have a Debian Linux 9.3 VM. I created a lansweeper user for scanning and added and mapped the credentials in Lansweeper. It was able to scan the VM without any issues, except that it's throwing an error LinuxWrongSudoPassword. So I saw that Lansweeper tries to run dmidecode to get more info on the hardware. OK, no problem, but I had already added the lansweeper user to the sudo group and tested it by logging in as lansweeper via SSH and running sudo dmidecode, providing the same password I logged in with via SSH and it works.
So what is Lansweeper passing for the password and why is it different than the credentials that were used to connect via SSH in the first place?
On the server side, I receive the following on each scan:
Feb 11 12:13:06 : lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V
Labels:
- Labels:
-
General Discussion
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-23-2018 04:18 PM
My question is what is the documented way that Lansweeper uses sudo? If it doesn't pass a password, where is this behavior documented? Also, why shouldn't it send a password if it already did to login via SSH and the default configuration of sudo for any user would normally prompt for their password again?
Or do I just have something configured wrong somewhere? I can't find any documentation or settings for the sudo password.
Or do I just have something configured wrong somewhere? I can't find any documentation or settings for the sudo password.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-23-2018 09:12 AM
Sorry I don't understand what you mean. Using the sudo line I wrote it doesn't expose to security risks, which is the problem?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-22-2018 07:12 PM
I'm sure that will work as well (although it would have to be /usr/sbin/dmidecode), but am I the only one that seems to have this problem? Is there documentation I'm missing saying this has to be configured on every Linux machine for sudo to work because Lansweeper doesn't pass any credentials when running sudo?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-22-2018 12:51 PM
Try this:
lansweeper ALL = NOPASSWD: /sbin/dmidecode
lansweeper ALL = NOPASSWD: /sbin/dmidecode
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-14-2018 03:42 PM
I just deleted the asset from Lansweeper and had it rescan it again and got the same result. It discovered all the details about the system except for the hardware and threw the same sudo error.
I was able to resolve this by using visudo and setting the lansweeper user as follows:
lansweeper ALL = NOPASSWD: ALL
It then worked successfully because it's not prompting for a password when running sudo for the user lansweeper. This isn't desirable of course.
So, how do I configure the sudo password being passed? Logically, it should be the identical password being used for SSH which I've tested successfully for that user running the identical commands. I'm not sure how to debug what lansweeper is doing beyond what I've captured so far.
I was able to resolve this by using visudo and setting the lansweeper user as follows:
lansweeper ALL = NOPASSWD: ALL
It then worked successfully because it's not prompting for a password when running sudo for the user lansweeper. This isn't desirable of course.
So, how do I configure the sudo password being passed? Logically, it should be the identical password being used for SSH which I've tested successfully for that user running the identical commands. I'm not sure how to debug what lansweeper is doing beyond what I've captured so far.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-14-2018 03:27 PM
OK. That isn't the behavior I appear to be observing. Based on the logs, I see Lansweeper connecting with the mapped credentials via SSH successfully, then trying to use sudo and passing other unknown credentials and failing. It should be passing the same ones it just used for ssh again for sudo. It happens daily during the scan of the machine.
Feb 13 12:13:10 akweb sshd[57064]: Accepted password for lansweeper from 192.168.1.15 port 2134 ssh2
Feb 13 12:13:10 akweb sshd[57064]: pam_unix(sshd:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:11 akweb systemd-logind[562]: New session 246 of user lansweeper.
Feb 13 12:13:11 akweb systemd: pam_unix(systemd-user:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:12 akweb sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1001 euid=0 tty= ruser=lansweeper rhost= user=lansweeper
Feb 13 12:13:14 akweb sudo: pam_unix(sudo:auth): auth could not identify password for [lansweeper]
Feb 13 12:13:14 akweb sudo: lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V
Feb 13 12:13:14 akweb sshd[57064]: pam_unix(sshd:session): session closed for user lansweeper
Feb 13 12:13:10 akweb sshd[57064]: Accepted password for lansweeper from 192.168.1.15 port 2134 ssh2
Feb 13 12:13:10 akweb sshd[57064]: pam_unix(sshd:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:11 akweb systemd-logind[562]: New session 246 of user lansweeper.
Feb 13 12:13:11 akweb systemd: pam_unix(systemd-user:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:12 akweb sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1001 euid=0 tty= ruser=lansweeper rhost= user=lansweeper
Feb 13 12:13:14 akweb sudo: pam_unix(sudo:auth): auth could not identify password for [lansweeper]
Feb 13 12:13:14 akweb sudo: lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V
Feb 13 12:13:14 akweb sshd[57064]: pam_unix(sshd:session): session closed for user lansweeper
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-14-2018 01:44 PM
If I'm reading this correctly, the asset is scanned successfully, but you are still getting the error?
When Lansweeper scans an asset in an IP Range for the fist time, it tries to use the credentials mapped to the IP Range first and if those fail it will try all global credentials. Once an asset has been successfully scanned, Lansweeper caches which credential was successful.
When Lansweeper scans an asset in an IP Range for the fist time, it tries to use the credentials mapped to the IP Range first and if those fail it will try all global credentials. Once an asset has been successfully scanned, Lansweeper caches which credential was successful.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
