How To Install TTYSNOOP on linux

"TTYSnoop allows you to snoop on login tty's through another tty-device or pseudo-tty. The snoop-tty becomes a 'clone' of the original tty, redirecting both input and output from/to it." ( Font )

This is a nice administrator tool that permits to watch what other persons do in other terminals.
It worked fine on Suse and RedHat, this guid will help you to configure it.

Installing TTYSNOO
Download and install openssh:
# wget
# tar zxvf openssh-4.6p1.tar.gz
# cd openssh-4.6p1
# export LOGIN_PROGRAM="/sbin/foo_login"
# cd openssh-4.6p1
# ./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam --with-tcp-wrappers
# make
# make install

Now, modify the sshd_config file (you should find it on location: /etc/ssh/sshd_config) to:
PasswordAuthentication yes
UseLogin yes

Install ttysnoop
# wget
# tar xzvf ttysnoop-0.12d.k26.tar.gz
# cd ttysnoop-0.12d.k26
# make
# make install

Copy the new login from ttysnoop and create /var/spool/ttysnoop:
# cp ttysnoops /sbin/foo_login
# mkdir /var/spool/ttysnoop

Copy snooptab.dist to /etc :
# cp snooptab.dist /etc/snooptab

Edit etc/snooptab
# nano /etc/snooptab
Comment all lines except * socket login /bin/login , save and exit

Now you can use:
wlamagna pts/1 16:51 0.00s 1:42 0.01s login -- wlamagna

In another terminal write this to snoop terminal 1.
#ttysnoop 1

Is should be fine now to use ttysnoop


source said...