HPE Community
Operating System - HP-UX
1847633 Members
4391 Online
110265 Solutions
New Discussion

Keystorke logging and Ignite do not play nicely together

 
Gary Beckett
Occasional Advisor

‎09-01-2010 03:53 PM

‎09-01-2010 03:53 PM

Keystorke logging and Ignite do not play nicely together

Hi all. (sorry for the lenght of the post)
Have and interesting problem. I finally succeded in configuring HP-UX's RBAC KeyStroke logging feature. I had a heck of a time getting it to work, but after contacting HP tech support they sent me an obsure internal article that detailed the need to change the
/opt/ssh/etc/sshd_config line statement "UseLogin" to "yes". From the default "no". I wish I could just post the URL, but all sent me was the article. See below.
So, having configured KeyStroke logging and feeling pretty good about it, I was soon kick to the proverbial floor when it turned out that the fix for KeyStroke logging now breaks my GUI Ignite backups. This is what is happening.

On systemA: "UseLogin no" is set. KeyStroke logging does not work. Reasons explained below. When I bring up my Ignite GUI from SystemB and click "Create Network Recovery Archive" for SystemA it works.

On SystemA: "UseLogin yes" is set. KeyStroke logging works when I login to systemA.
When I bring up my Ignite GUI from SystemB and click "Create Network Recovery Archive" for SystemA it throws a Pop-Up error:
---
Warning: No Xauth data; using fake authentication data for X11 forwading.
mnr_ui: Couldn't bring up the initial window. this may occur when you specify an incorrect dispaly.
Error: The interactive UI failed to start. Checkyour terminal type.
---

Its not, as far as I can tell a display issue. Though I'm not a guru with passing X thorugh ssh. I've scoured all the threads and have played with the ForwardX11Trusted, ForwardAgent, ForwardX11 settings in ssh_config and sshd_config on both SystemA and SystemB in various combinations. To no avail.
If this sounds familiar and can help or if you can just make suggests I could try, I'd appreciate it.

HP Internal Document removed!
Gary Beckett
0 Kudos
Reply
2 REPLIES 2
Jim Walls
Trusted Contributor

‎09-01-2010 05:46 PM

‎09-01-2010 05:46 PM

Re: Keystorke logging and Ignite do not play nicely together

We don't use keylogging; however, we have a note in our sshd_config files that might give you a clue...

## For Trusted Systems we need to set the following in order to use
### Passwords longer than 8 characters
UsePAM yes
ChallengeResponseAuthentication no


We put this in after suffering spurious login problems - it took a bit of digging because not all of our systems (at that time ) were trusted... so there were mostly shortish passwords in use - but some people had longer ones.

Your problem may not be passwords but it could be related to authentication.




0 Kudos
Reply
Viktor Balogh
Honored Contributor

‎09-03-2010 08:22 AM

‎09-03-2010 08:22 AM

Re: Keystorke logging and Ignite do not play nicely together


@Jim:
I don't think that there's a connection between the X forwarding issue and PAM.

Hi Gary,

could you please verify your X forwarding setup?

# echo $DISPLAY

With the "UseLogin yes" config you just tell the sshd daemon to start /usr/bin/login instead of the user's default shell. I think that you just need to set the X forwarding manually to get this to work.

There should be a file in your home:

# ll ~/.Xauthority

try to set this variable:

# export XAUTHORITY=~/.Xauthority

or see this thread for further debugging:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1414080

I think that I gave you some hints, more I don't know in this topic...
****
Unix operates with beer.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.