openssh logging of remote commands in syslog
Kevin Taylor
ktaylor at eosdata.gsfc.nasa.gov
Thu Mar 8 09:12:02 EST 2001
Krzysztof Oledzki wrote:
>
> On Wed, 7 Mar 2001, Kevin Taylor wrote:
>
> >
> > Another wonderful email from me. :)
> >
> > The ssh.com version of ssh will log information on the remotely executed
> > command in the syslog:
> >
> > Mar 7 15:29:20 6D:marx sshd[21346]: log: executing remote command as
> > root: ls
> >
> > It seems that openssh doesn't do that by default. If you put the server
> > in debug mode you'll see the command, but a lot of extra stuff that you
> > don't want to see.
> >
> > Feature suggestion...?
>
> Some days ago I have created small patch for openssh. It is possible that
> you don't need all my changes but there is the one so you can use only a
> part of this patch :)
>
> http://www.ans.pl/Unix/ole-openssh-2.5.1p1.patch.gz
>
> Best regards,
>
> Krzysztof Oledzki
yup. Just one line provides what I was looking for:
# diff session.c.orig session.c
1464a1465
> log("executing remote command as user %.200s: %.200s", pw->pw_name, command);
Hopefully they can add this to the next release of openssh.
Thanks.
--
---------------------------------------------------------.
Kevin Taylor \
Systems Administrator - DAAC, Code 902, Bldg 32, Rm N126A /
Science Systems and Applications, Inc. \
Goddard Space Flight Center /
Greenbelt, MD 20771 \
/
Phone: (301) 614-5505 \
e-mail: ktaylor at daac.gsfc.nasa.gov /
----------------------------------------------------------'
More information about the openssh-unix-dev
mailing list