Logging enhancement
Anderson Russell D (Andy)
Andy.Anderson at srpnet.com
Wed Apr 25 09:44:38 EST 2007
I would like to suggest a logging enhancement that would contribute
greatly to access auditing.
Currently nothing is logged when a user connects to another server as a
different user.
The auditing trail is broken for tracing access.
    userA> ssh userB@hostB
A simple syslog addition (for example) to ssh.c closes that gap.
    /* Log into the remote system.  This never returns if the login
       fails. */
    ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw);

    /* added for NERC logging and auditing */
    syslog(LOG_NOTICE, "ssh: user %s connected to host %s as %s",
        pw->pw_name, host, options.user);
Thanks
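
How an auditor could use the message proposed above to rebuild a chain of identity changes across hosts, as an added example that is not part of the original message or of OpenSSH. It assumes traditional syslog headers and that the host name in the message matches the name the target host logs under; the log lines are constructed, and the records are written by the client, so they are only as trustworthy as the ssh binary the user ran.

```python
import re
from typing import NamedTuple

# Constructed sample syslog lines (not real logs). The message body follows the
# format string from the post: "ssh: user %s connected to host %s as %s".
SAMPLE_LOG = """\
Apr 25 09:40:01 hostA ssh[2101]: ssh: user userA connected to host hostB as userB
Apr 25 09:41:17 hostB ssh[884]: ssh: user userB connected to host hostC as root
Apr 25 09:42:03 hostA sshd[2150]: Accepted publickey for userA from 192.0.2.10 port 50022 ssh2
Apr 25 09:43:30 hostD ssh[97]: ssh: user carol connected to host hostC as carol
"""

HOP_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<src>\S+) \S+: "
    r"ssh: user (?P<user>\S+) connected to host (?P<dst>\S+) as (?P<as_user>\S+)$"
)

class Hop(NamedTuple):
    ts: str
    src: str      # host that wrote the line (from the syslog header)
    user: str     # local account that ran ssh (pw->pw_name)
    dst: str      # target host as given to ssh
    as_user: str  # remote account (options.user)

def parse_hops(log_text):
    """Return a Hop for every line carrying the proposed client message."""
    return [Hop(**m.groupdict()) for line in log_text.splitlines()
            if (m := HOP_RE.match(line))]

def trace(hops, host, user):
    """Follow identity changes forward from user@host; returns the hop chain."""
    chain, seen = [], set()
    while (host, user) not in seen:
        seen.add((host, user))
        nxt = next((h for h in hops if h.src == host and h.user == user), None)
        if nxt is None:
            break
        chain.append(nxt)
        host, user = nxt.dst, nxt.as_user
    return chain

def origins(hops, host, user, _seen=None):
    """Reverse lookup: the (host, account) pairs that ended up as user@host."""
    seen = _seen if _seen is not None else set()
    if (host, user) in seen:
        return set()
    seen.add((host, user))
    prev = [h for h in hops if h.dst == host and h.as_user == user]
    if not prev:
        return {(host, user)}
    return set().union(*(origins(hops, h.src, h.user, seen) for h in prev))
```

Timestamps are parsed but not used for ordering here; a real correlation would also bound each hop by session start and end times.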