Logging Port Forwards
Peter Kwangjun Suk
suk at pobox.com
Fri Oct 5 20:38:00 EST 2001
Hello,
We're using OpenSSH to let our customers set up encrypted port forwarding
tunnels so that we can do support by VNC-ing to their desktops. We've set
up "session" accounts that have completely restricted shells and randomly
generated passwords which change themselves with every log-in.
To complete the security for this set-up we'd like sshd to keep a log of
the port forwards. It appears that the port forwards are logged in DEBUG
mode, but of course this is not acceptable for normal running. I think
that I know where we would modify the code, but I would like to confirm
that.
line 1850 of channels.c:
debug("Local forwarding listening on %s port %s.", ntop, strport);
Also, add something to line 1924. Am I on the right track, or is this
actually the ssh client side of things?
I also would like a pointer to logging -- where does the normal logging
for logins happen?
Thanks.
--
Peter Kwangjun Suk
suk at pobox.com
http://ostudio.swiki.net
More information about the openssh-unix-dev
mailing list