Logging sessions.
goudal at enseirb.fr
goudal at enseirb.fr
Tue Mar 18 19:21:04 EST 2003
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
--------
Hello,
I upgraded to the last openssh and I have found the followin problem :
it is not possible in the logs to match the end of a session with the begining.
In the previous versions, with no secure separation, the pid found in syslog
could
do the job, but now the opening and closing processes are different.
I have done an horrible hack to get the info : I have added the print of the
ppid
in the closing messages, as it appears that the closing process is the son of
the
opening one. But it's juste an hack. I imagine that this modification does not
add
a security problem.
Could it be possible to attache an id to each session so that it is possible
to match
opening and closing event ? Or is there an hidden problem that I have not seen
?
f.g.
More information about the openssh-unix-dev
mailing list