Shulou(Shulou.com)06/01 Report--

1. Authentication and authorization process:

Binary program location: / opt/freesvr/audit/authd/sbin/freesvr-authd

Configuration file location: / opt/freesvr/audit/authd/etc/freesvr_authd_config

Log location: / opt/freesvr/audit/authd/log/freesvr-authd.log

Function description:

The authentication and authorization process is the judgment program of authentication and authorization when the user logs in to the fortress machine. When the user logs in to the operation and maintenance equipment through the fortress machine, they must pass the authentication judgment and authorization judgment of this process, and the login operation and maintenance operation can be carried out only after the authentication authorization is passed.

When logging in, Ssh agent, rdp agent, telnet agent, ftp agent and sftp agent will send the user name, password and the serial number of the machine the user wants to log in (--id) to the freesvr-authd process. Freesvr-authd compares them according to the information sent, and returns the signal passed by the agent if authentication and authorization are allowed. If the policy does not allow it, it returns the signal rejected by the agent.

The authentication authorization process has no debug mode, and the whole authentication process will be recorded in log. At the same time, the authentication entry, structure and error information will be written into the loginacct table, which is in the foreground.

Report Management-Login report-Authorization details can be viewed

Therefore, if there is a machine that cannot log in during the use of the fortress machine, first log on to the foreground page to view this menu, if you don't understand, check LOG in the background, and if you still can't find the reason, in the DEBUG agent.

2.ssh agents and audit procedures:

Binary program location: / opt/freesvr/audit/sshgw-audit/sbin/ssh-audit

Log location: this program does not provide LOG records

Program debug command:

/ opt/freesvr/audit/sshgw-audit/sbin/ssh-audit 127.0.0.1-p 22-n-m-t

The program will print out the entire connection process for DEBUG debugging

3.RDP agents and audit procedures

Binary program location: / usr/local/sbin/Freesvr_RDP

Log location: this program does not provide LOG records

Program debug command:

/ usr/local/sbin/Freesvr_RDP-m proxy-nd

The program will print out the entire connection process for DEBUG debugging

4.Telnet agents and audit procedures

Program location: / opt/freesvr/audit/ssh-replay/sbin/ssh-replay

Log location: this program does not provide LOG records

Program debug command:

/ opt/freesvr/audit/ssh-replay/sbin/ssh-replay-d

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.