How can we improve?

allow linux scanning with non root accounts

Languard needs to have an option to connect to and scan linux machines with another account besides root. Most people do not allow root access to linux servers via SSH. That way we can have a dedicated account that will be used for scanning and patching linux servers without giving root access to the entire server.

5 votes
Sign in Sign in with GFI
Signed in as (Sign out)

We’ll send you updates on this idea

sean bettencourt shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in Sign in with GFI
Signed in as (Sign out)
  • Evan Lawson commented  ·   ·  Flag as inappropriate

    In order to fulfill our security requirements we must enable/disable root SSH access on each server during every patch cycle. Allowing sudoers to perform scans and apply patches would save us a lot of time, ensure security requirements are met, and thereby increase the value of your product. Please prioritize the implementation of this feature.

  • Steve Klingner commented  ·   ·  Flag as inappropriate

    In the meantime, most of the Linux processes are stored plain as day as bash/python in "C:\ProgramData\GFI\LanGuard 11\Scripts" on your LanGuard machine.

    Operations requiring root privs can be pre-pended with sudo... no comment as to whether this affects your warranty.

  • Anonymous commented  ·   ·  Flag as inappropriate

    [Comment date: 2015-03-30]
    PLEASE allow non root accounts to ssh in. There is no reason why the scripts can't be executed using sudo if necessary. Leaving ssh open for root is just plain bad news and exposes LanGuard users to hackers and script kiddies.

Feedback and Knowledge Base