internal-sftp and logging not working with Fedora and chroot using 5.5?
JPP
jpp1 at frws.com
Sun Jul 11 04:07:04 EST 2010
Hope ya'all can help!
Been reading and reading, and adjusting... to no avail.
We need to have chroot'd SFTP activities logged on a file server and for
whatever reason, I simply cannot get it to log with users that are chroot'd
(this is necessary for auditing and HIPAA - so it is pretty important)
I have tried with Fedora 11/12 and even an older Fedora 8 server, the same
results:
1. We can log ALL activities for users on SFTP when **not** chroot'd
2. As soon as I re-enable chroot'd settings in sshd_config, those users are
only logged as far as login is concerned, nothing else. And that goes to the /
var/log/secure log and NOT /var/log/messages as it does when they are not
chroot'd
We are using OpenSSH Portable 5.5p1 freshly compiled.
And various Fedora versions from 8, to 11 and 12. Using syslog and rsyslog.
Pertinent sshd_config settings:
# tried with both lower case and upper case, same (should not matter)
Subsystem sftp internal-sftp -f AUTH -l VERBOSE
# Example of overriding settings on a per-user basis
Match Group sftponly
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp -f AUTH -l VERBOSE
####
>From /etc/rsyslog.conf
*.info;mail.none;authpriv.none;cron.none;auth.* /var/log/messages
#####
Any suggestions would be helpful and VERY appreciated. Nothing I have touched
has changed the way its logging - without chroot logging is perfect, with
chroot, logging stops.
Have not tried the use of logging sockets - BUT from what I have read, these
should not be necessary with the newer OpenSSH 5.x versions and this is the
newest one, so did not want to head down that trail (yet).
Thank you in Advance...
JPP
--
FRWS WebMail (http://www.frws.com)
Cause you deserve Spam and Virus free email...
More information about the openssh-unix-dev
mailing list