Logging of client commands, possible?

RGiersig at a1.net RGiersig at a1.net
Thu Mar 14 00:37:25 EST 2002


> > i'd like to capture unencrypted ssh packets in
> > pcap format, just like openbsd's isakmpd does.
> > and add support to tcpdump and etherreal for
> > interpreting these packet, this would make
> > debugging simpler.
> 
> isakmpd can do this probably because it's linked so deeply with 
> the OS and the kernel; sshd never actually sees the raw packets
> and we probably don't want to complete the engineering effort
> to let it.

I think you misunderstood this.  Markus is just proposing a dump 
format, which IMHO makes perfect sense.  After decrypting the packet it 
gets dumped in the same format that tcpdump is using, so you then can 
use 'tcpdump -r dumpfile' to display it.  Did I get that right?

Roland
--
RGiersig at cpan.org





More information about the openssh-unix-dev mailing list