Gentoo Forums :: View topic - Log di SSH [risolto]

Log di SSH [risolto]

View unanswered posts
View posts from last 24 hours
View posts from last 7 days

Gentoo Forums Forum Index

Forum italiano (Italian)

View previous topic :: View next topic

Author

Message

Kernel78
Moderator

Moderator

Joined: 24 Jun 2005
Posts: 3654

Posted: Sat Jul 30, 2005 6:56 pm Post subject: Log di SSH [risolto]

Reply with quote

Ciao a tutti, ho un problemino con i log di ssh (o meglio openssh).
I miei file di configurazione contengono le seguenti sezioni (riporto solo quanto concerne il log di ssh)

Code:

/etc/ssh/sshd_config

SyslogFacility AUTH
LogLevel INFO

/etc/syslog-ng/syslog-ng.conf

destination authlog { file("/var/log/auth.log"); };
filter f_authpriv { facility(auth, authpriv); };
log { source(src); filter(f_authpriv); destination(authlog); };

Ovviamente uso syslog-ng :wink:

:wink:

ma in /var/log/auth.log non c'è traccia di nessuna connessione (o tentata connessione) mentre in /var/log/syslog è pieno di tentativi di connessione andati male da parte dei soliti lamer.

Come posso fare per avere i tentativi di connessione falliti in /var/log/auth.log ???

Last edited by Kernel78 on Sun Jul 31, 2005 7:42 am; edited 1 time in total

Send private message

FonderiaDigitale
Veteran
Veteran

Veteran

Joined: 06 Nov 2003
Posts: 1710
Location: Rome, Italy

Posted: Sat Jul 30, 2005 8:58 pm Post subject:

Reply with quote

aggiungi, prima degli altri log (preso da un conf di un mio server, adattalo ai tuoi scopi come meglio credi):

Code:

filter fp_pwdfail { (match("(password|login|authentication).+(fail|invalid)")
or match("([Ff]ailed|[Ii]nvalid).+(password|login|authentication)")
or match("ILLEGAL ROOT LOGIN")
or match("Authentication failure")); };
destination d_pwdfail {file("/var/log/pwdfail.log"); };
destination wheel { usertty("giovanni"); };
destination root_cons { usertty("root"); };
log { source(src); filter(fp_pwdfail); destination(d_pwdfail); destination(root_cons); destination(wheel); };

logga in console attive degli utenti giovanni, e root; e nel file.
bai
_________________
Come disse un amico, i sistemisti sono un po' come gli artigiani per l'informatica

Send private message

Kernel78
Moderator

Moderator

Joined: 24 Jun 2005
Posts: 3654

Posted: Sun Jul 31, 2005 7:43 am Post subject:

Grazie mille, sono riuscito a risolvere

Send private message

Display posts from previous:

	Gentoo Forums Forum Index Forum italiano (Italian)	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy