logging details

Diller, Susan (Sue) Susan.Diller at PAETEC.com
Wed Apr 21 23:09:31 EST 2010


Lars - 5.5 does not seem to be available, yet.  I am running OpenSSH_5.4p1.
Damien - The xferlog was from an ftp session.  I was just using it to show that ftp can tell me the file which was transferred.
I moved the sftp log under the chroot /dev area.  It still logs everything, except the file name.

I understand that the filename and directory information will be coming across the network encrypted.  But, there must be a way the server can figure out what file was transferred.  It knows the PID of the connecting process.  Does the logfile need to be writable by the accounts doing the transfers?

- Sue
 

-----Original Message-----
From: Lars Nooden [mailto:lars.curator at gmail.com] 
Sent: Wednesday, April 21, 2010 4:48 AM
To: Damien Miller
Cc: Diller, Susan (Sue); openssh-unix-dev at mindrot.org
Subject: RE: logging details

On Wed, 21 Apr 2010, Damien Miller wrote:
> Also, if you are using ChrootDirectory, you might need to arrange 
> syslog to listen inside your chroot at (relative) /dev/log

That burden seems to have been removed starting with OpenSSH 5.5, and the following does logging with the specified log level and facility code without needing a socket in the chroot:

  ChrootDirectory /altroot/foo/
  Subsystem	sftp	internal-sftp -f LOCAL0 -l VERBOSE
  ForceCommand	internal-sftp

/Lars
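
An added example, not part of the thread and not OpenSSH code: once the sftp subsystem logs file names, xferlog-style per-file records can be rebuilt from syslog by correlating lines on the PID, as the question above suggests. The sample lines are constructed, and their layout is an assumption modelled on what sftp-server logs at INFO/VERBOSE level; `transfers` is a hypothetical helper name.

```python
import re

# Constructed sample syslog lines (not from the thread); the message layout is
# an assumption modelled on what sftp-server logs at INFO/VERBOSE level.
SAMPLE_LOG = '''\
Apr 21 10:00:01 host internal-sftp[4242]: session opened for local user sue from [192.0.2.10]
Apr 21 10:00:02 host internal-sftp[4242]: opendir "/upload"
Apr 21 10:00:02 host internal-sftp[4242]: closedir "/upload"
Apr 21 10:00:03 host internal-sftp[4242]: open "/upload/report q1.csv" flags WRITE,CREATE,TRUNCATE mode 0644
Apr 21 10:00:03 host internal-sftp[5151]: session opened for local user bob from [198.51.100.7]
Apr 21 10:00:04 host internal-sftp[5151]: open "/pub/tool.tgz" flags READ mode 0666
Apr 21 10:00:05 host internal-sftp[4242]: close "/upload/report q1.csv" bytes read 0 written 2048
Apr 21 10:00:06 host internal-sftp[5151]: close "/pub/tool.tgz" bytes read 9000 written 0
Apr 21 10:00:07 host internal-sftp[4242]: session closed for local user sue from [192.0.2.10]
'''

LINE = re.compile(r'^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ '
                  r'(?:internal-sftp|sftp-server)\[(?P<pid>\d+)\]: (?P<msg>.*)$')
OPENED = re.compile(r'^session opened for local user (\S+) from \[([^\]]+)\]$')
# 'close "' (with the space) deliberately does not match 'closedir "'.
CLOSE = re.compile(r'^close "(.*)" bytes read (\d+) written (\d+)$')


def transfers(log_text):
    """Return one record per closed file, tied to user and address via the PID."""
    sessions = {}   # pid -> (user, client address)
    out = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # not an sftp subsystem line
        pid, msg = int(m['pid']), m['msg']
        if (s := OPENED.match(msg)):
            sessions[pid] = (s[1], s[2])
        elif msg.startswith('session closed'):
            sessions.pop(pid, None)       # PIDs get reused; drop stale mapping
        elif (c := CLOSE.match(msg)):
            user, addr = sessions.get(pid, ('unknown', 'unknown'))
            rd, wr = int(c[2]), int(c[3])
            direction = 'upload' if wr else 'download' if rd else 'none'
            out.append({'time': m['ts'], 'pid': pid, 'user': user, 'addr': addr,
                        'path': c[1], 'direction': direction, 'bytes': wr or rd})
    return out


if __name__ == '__main__':
    for t in transfers(SAMPLE_LOG):
        print(t)
```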

