Logging of client commands, possible?
RGiersig at a1.net
RGiersig at a1.net
Thu Mar 14 00:37:25 EST 2002
> > i'd like to capture unencrypted ssh packets in
> > pcap format, just like openbsd's isakmpd does.
> > and add support to tcpdump and etherreal for
> > interpreting these packet, this would make
> > debugging simpler.
>
> isakmpd can do this probably because it's linked so deeply with
> the OS and the kernel; sshd never actually sees the raw packets
> and we probably don't want to complete the engineering effort
> to let it.
I think you misunderstood this. Markus is just proposing a dump
format, which IMHO makes perfect sense. After decrypting the packet it
gets dumped in the same format that tcpdump is using, so you then can
use 'tcpdump -r dumpfile' to display it. Did I get that right?
Roland
--
RGiersig at cpan.org
More information about the openssh-unix-dev
mailing list