Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

ssh log
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
oiper
Guru
Guru


Joined: 01 May 2003
Posts: 316
Location: Alabama, US
PostPosted: Thu Aug 21, 2003 5:32 pm    Post subject: ssh log Reply with quote
I'm using sysklogd and I need to have all ssh connections logged. Any ideas? :roll:
Back to top
View user's profile Send private message
drjimmy42
Guru
Guru


Joined: 03 Feb 2003
Posts: 512
Location: Nashua, NH
PostPosted: Thu Aug 21, 2003 8:40 pm    Post subject: Reply with quote
its already in /var/log/sshd/current
Back to top
View user's profile Send private message
oiper
Guru
Guru


Joined: 01 May 2003
Posts: 316
Location: Alabama, US
PostPosted: Fri Aug 22, 2003 10:55 pm    Post subject: that's what i thought Reply with quote
... but there's no sshd in /var/log 8O :?:
Back to top
View user's profile Send private message
drjimmy42
Guru
Guru


Joined: 03 Feb 2003
Posts: 512
Location: Nashua, NH
PostPosted: Sat Aug 23, 2003 1:25 am    Post subject: Reply with quote
look in the /etc/ssh/sshd_config file for the work logging. You can set you log level there.
Back to top
View user's profile Send private message
oiper
Guru
Guru


Joined: 01 May 2003
Posts: 316
Location: Alabama, US
PostPosted: Sun Aug 24, 2003 10:00 pm    Post subject: What should I change? Reply with quote
I have so far, before I originally posted, uncommented this stuff:
Code:
# Logging
#obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
LogLevel INFO


What else should be changed? Here's the config with only the lines above having been uncommented.
Code:

#       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
LogLevel INFO

# Authentication:

#LoginGraceTime 120
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no

#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems
Subsystem       sftp    /usr/lib/misc/sftp-server
Back to top
View user's profile Send private message
drjimmy42
Guru
Guru


Joined: 03 Feb 2003
Posts: 512
Location: Nashua, NH
PostPosted: Sun Aug 24, 2003 11:06 pm    Post subject: Reply with quote
My config file is very similar to yours, except that I still have those two lines commented and I get logging as usual. I have sometimes found in the case of logging that creating the log directory helps. In this case,

mkdir /var/log/sshd

I know it cheesy, but it worked with cups a little while ago. Like I said, I have those logging lines commented out, so logging must be the default behavior.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy