cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
vabello
Engaged Sweeper II
Hello,

I have a Debian Linux 9.3 VM. I created a lansweeper user for scanning and added and mapped the credentials in Lansweeper. It was able to scan the VM without any issues, except that it's throwing an error LinuxWrongSudoPassword. So I saw that Lansweeper tries to run dmidecode to get more info on the hardware. OK, no problem, but I had already added the lansweeper user to the sudo group and tested it by logging in as lansweeper via SSH and running sudo dmidecode, providing the same password I logged in with via SSH and it works.

So what is Lansweeper passing for the password and why is it different than the credentials that were used to connect via SSH in the first place?

On the server side, I receive the following on each scan:

Feb 11 12:13:06 : lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V

7 REPLIES 7
vabello
Engaged Sweeper II
My question is what is the documented way that Lansweeper uses sudo? If it doesn't pass a password, where is this behavior documented? Also, why shouldn't it send a password if it already did to login via SSH and the default configuration of sudo for any user would normally prompt for their password again?

Or do I just have something configured wrong somewhere? I can't find any documentation or settings for the sudo password.
frayber
Engaged Sweeper
Sorry I don't understand what you mean. Using the sudo line I wrote it doesn't expose to security risks, which is the problem?
vabello
Engaged Sweeper II
I'm sure that will work as well (although it would have to be /usr/sbin/dmidecode), but am I the only one that seems to have this problem? Is there documentation I'm missing saying this has to be configured on every Linux machine for sudo to work because Lansweeper doesn't pass any credentials when running sudo?
frayber
Engaged Sweeper
Try this:

lansweeper ALL = NOPASSWD: /sbin/dmidecode
vabello
Engaged Sweeper II
I just deleted the asset from Lansweeper and had it rescan it again and got the same result. It discovered all the details about the system except for the hardware and threw the same sudo error.

I was able to resolve this by using visudo and setting the lansweeper user as follows:

lansweeper ALL = NOPASSWD: ALL

It then worked successfully because it's not prompting for a password when running sudo for the user lansweeper. This isn't desirable of course.

So, how do I configure the sudo password being passed? Logically, it should be the identical password being used for SSH which I've tested successfully for that user running the identical commands. I'm not sure how to debug what lansweeper is doing beyond what I've captured so far.
vabello
Engaged Sweeper II
OK. That isn't the behavior I appear to be observing. Based on the logs, I see Lansweeper connecting with the mapped credentials via SSH successfully, then trying to use sudo and passing other unknown credentials and failing. It should be passing the same ones it just used for ssh again for sudo. It happens daily during the scan of the machine.

Feb 13 12:13:10 akweb sshd[57064]: Accepted password for lansweeper from 192.168.1.15 port 2134 ssh2
Feb 13 12:13:10 akweb sshd[57064]: pam_unix(sshd:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:11 akweb systemd-logind[562]: New session 246 of user lansweeper.
Feb 13 12:13:11 akweb systemd: pam_unix(systemd-user:session): session opened for user lansweeper by (uid=0)
Feb 13 12:13:12 akweb sudo: pam_unix(sudo:auth): authentication failure; logname= uid=1001 euid=0 tty= ruser=lansweeper rhost= user=lansweeper
Feb 13 12:13:14 akweb sudo: pam_unix(sudo:auth): auth could not identify password for [lansweeper]
Feb 13 12:13:14 akweb sudo: lansweeper : 1 incorrect password attempt ; TTY=unknown ; PWD=/home/lansweeper ; USER=root ; COMMAND=/usr/sbin/dmidecode -V
Feb 13 12:13:14 akweb sshd[57064]: pam_unix(sshd:session): session closed for user lansweeper
Esben_D
Lansweeper Employee
Lansweeper Employee
If I'm reading this correctly, the asset is scanned successfully, but you are still getting the error?

When Lansweeper scans an asset in an IP Range for the fist time, it tries to use the credentials mapped to the IP Range first and if those fail it will try all global credentials. Once an asset has been successfully scanned, Lansweeper caches which credential was successful.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now