Hi. On Sat, 29 Oct 2016 09:45:21 +0000 Pietro <pulsarpie...@posteo.net> wrote:
> Hi, > > I have tried to write directly to the author (c...@miskatonic.inbe.net) > as reported in the man page but the domain does not exist anymore. It's an old tool. Such things are to be expected. > I am lost in a glass of water - as we use to say in Italy - and I really > do not know where to get some light from as Google is very good .. > in giving partial answers or to increase the amount of confusion in > somebody's mind :-) > > The ttysnooping tool which comes with Debian seems to be broken, I can > successfully log in after having modified the inittabfile but I can't > snoop anything as all I get from the ttysnooping client is a prompt for > a password which is swiftly refused - I am assuming the root password is > what the tool is asking for. Personally I could never understand why bother implementing such a tool in the first place, since tty snooping (among the other things) can be done with relatively simple strace invocation. Still, according to the package's README.Debian, 'ttysnoop ttyFOO' requires a root password. You should probably ensure that your gettys are running with '-L /usr/sbin/ttysnoops' commandline option. > I really do not understand as I am sure I am typing the correct > password, what's happening ? Install ltrace. Run as root (crucial!): ltrace ttysnoop <needed_tty_here> Post the result here. Feel free to edit out any references to a real passwords, usernames or hashes of above. > I have tried to download the sources and compile them for Slackware but > I am still experiencing the same issue, I am a bit confused by the fact > that I can't find any "main" repository for the project while there are > plenty of tarball coming from different Linux distros. According to [1], upstream site was http://ftp.cc.gatech.edu/, which is now considered unavailable. According to the 'control' file, one should be able to grab the source via svn, by using [2]. > Is there a "vanilla" version I can download and play with or, as > alternative, would you be able to tell me the terribly naive mistake I > am making ? Not anymore. Upstream is unavailable. > The first Google's result does not contain anything "down-loadable" and > what I have been playing with gives me the issues I have just described: > > https://packages.debian.org/sid/admin/ttysnoop That's the Debian package's page. > Is this the "official" website for the project ? > > https://sourceforge.net/projects/ttysnoop/ SourceForge is a warez dump. Don't trust anything downloaded from there. Reco [1] http://http.debian.net/debian/pool/main/t/ttysnoop/ttysnoop_0.12d-6.debian.tar.gz [2] svn://anonscm.debian.org/collab-maint/deb-maint/ttysnoop/trunk/
