| View previous topic :: View next topic |
| Author |
Message |
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
 Posted: Wed Jun 27, 2018 2:24 pm Post subject: last login not working as expected [solved] |
 |
|
Peace,
I've been using other linux distributions and I found it handy to see when is the last log in.
so in
/etc/ssh/sshd_config
I have modified:
| Code: | #PrintMotd yes
#PrintLastLog yes |
but :
| Code: | date
Wed Jun 27 17:17:22 +03 2018 |
then relogging gives:
| Code: | | Last login: Wed Jun 27 17:18:32 2018 from 192.168.10.10 |
lastlog
shows the same.
The configuration is identical with an opensuse distribution, in regards to sshd except in /etc/pam.d/sshd there are different entires.
I tried emptying last log and wtmp but that didn't help.
So what is the correct configuration to display the correct last ?
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort.
Last edited by Majed17 on Thu Jun 28, 2018 6:45 am; edited 1 time in total |
|
| Back to top |
|
 |
guitou
Guru
Joined: 02 Oct 2003
Posts: 534
Location: France
|
| Posted: Wed Jun 27, 2018 2:27 pm Post subject: |
|
|
Hello.
If you leave the heading #, this means line is commented out 
++
Gi) |
|
| Back to top |
|
|
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
| Posted: Wed Jun 27, 2018 2:44 pm Post subject: |
|
|
Well before that I tried without a comment and nothing changed!
the sense was to copy the open suse configuration. anything else?
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort. |
|
| Back to top |
|
|
bunder
Bodhisattva
Joined: 10 Apr 2004
Posts: 5939
|
| Posted: Wed Jun 27, 2018 2:45 pm Post subject: |
|
|
Both those settings default to yes, to turn them off you have to explicitly set them to no.
_________________
| Neddyseagoon wrote: | | The problem with leaving is that you can only do it once and it reduces your influence. |
banned from #gentoo since sept 2017 |
|
| Back to top |
|
|
guitou
Guru
Joined: 02 Oct 2003
Posts: 534
Location: France
|
| Posted: Wed Jun 27, 2018 2:49 pm Post subject: |
|
|
| Well, did you restart the service after your changes? |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jun 27, 2018 2:51 pm Post subject: |
|
|
Majed17 ...
to elaborate on guitou's comment:
| Code: | # grep -i print /etc/ssh/sshd_config
PrintMotd no
PrintLastLog no |
Also ...
| man login wrote: | | You may turn off the printing of the system message file, /etc/motd, by creating a zero-length file .hushlogin in your login directory |
... and:
| man login wrote: | The following configuration variables in /etc/login.defs change the behavior of this tool:
[...]
LASTLOG_ENAB (boolean)
Enable logging and display of /var/log/lastlog login time info. |
HTH & best ... khay |
|
| Back to top |
|
|
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
| Posted: Wed Jun 27, 2018 2:53 pm Post subject: |
|
|
For God's sake, you really assume you are smartest one living?
and for your information, both of these setting are no to begin with, which frankly is unwise. I think pam.d needs to be modified!
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort. |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jun 27, 2018 3:03 pm Post subject: |
|
|
| Majed17 wrote: | | For God's sake, you really assume you are smartest one living? and for your information, both of these setting are no to begin with, which frankly is unwise. I think pam.d needs to be modified! |
Majed17 ... you're speaking to me?
... so notice, no motd and no lastlog!
best ... khay |
|
| Back to top |
|
|
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
| Posted: Wed Jun 27, 2018 4:59 pm Post subject: |
|
|
you didn't get me,
| Code: | ssh localhost
Password:
Last login: Wed Jun 27 19:54:39 2018 from ::1 |
what I want is not the current log in but the one before like it must do!
and it doesn't matter whether there is a # before the command or not, it still takes it!
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort. |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jun 27, 2018 6:08 pm Post subject: |
|
|
| Majed17 wrote: | | you didn't get me, [...] what I want is not the current log in but the one before like it must do! |
Majed17 ... I see, yes, my bad, I must have read your initial post too quickly, and absorbed the direction taken subsequently. Anyhow, yes, you get this because of pam.d/system-login, if you want "the one before" then basically what you need to do is have sshd do the lastlog, and inform pam not to (by commenting the line):
| /etc/ssh/sshd_config: | | PrintLastLog yes |
| /etc/pam.d/system-login: | | #session optional pam_lastlog.so silent |
You'll then get that behavior:
| Code: | % date
Wed Jun 27 19:55:47 CEST 2018
% lastlog -u khayyam
Username Port From Latest
khayyam pts/8 127.0.0.1 Wed Jun 27 19:55:13 +0200 2018
% ssh localhost
Last login: Wed Jun 27 19:55:13 2018 from 127.0.0.1 |
edit: you might also get that same behavior with 'PrintLastLog yes' and net-misc/openssh built with USE="-pam" (untested).
Sorry for the confusion & best ... khay |
|
| Back to top |
|
|
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
| Posted: Thu Jun 28, 2018 6:44 am Post subject: |
|
|
Your a life savior, especially from internal spies.
I'm sorry for the confusion, I shouldn't have replied until some time after when everyone has written what they wanted!
Here is the million dollar question, why isn't this the default behavior like in all the other linux distributions I have installed except Kali?
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort. |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Thu Jun 28, 2018 9:55 am Post subject: |
|
|
| Majed17 wrote: | | Your a life savior, especially from internal spies. I'm sorry for the confusion, I shouldn't have replied until some time after when everyone has written what they wanted! |
Majed17 ... no problem, the fault is entirely mine.
| Majed17 wrote: | | Here is the million dollar question, why isn't this the default behavior like in all the other linux distributions I have installed except Kali? |
I'm not sure, I think it might be a bug rather than a feature, it's pointless to provide the current login as 'lastlog', because that information is known for obvious reasons. There is another topic where lastlog is misbehaving, and I suspect that these issues are related.
best ... khay |
|
| Back to top |
|
|
Majed17
Guru
Joined: 31 Aug 2011
Posts: 333
Location: Minsk, Belarus
|
| Posted: Thu Jun 28, 2018 10:39 am Post subject: |
|
|
Yeah that topic is where I figured out the issue is pam related.
and | Quote: | | the fault is entirely mine |
that's flattery.
_________________
Seek and you shall find, Knock and it shall be opened, cry and you shall find comfort. |
|
| Back to top |
|
|
|
Portage & Programming
