Capturing sftp logs on stderr

Damien Miller djm at mindrot.org
Mon Aug 27 10:45:34 EST 2012


On Sat, 25 Aug 2012, Bruce Guenter wrote:

> Hi.
> 
> I am running sshd under supervise, using the -e option to capture the
> logs on stderr.  I am trying to do the same for the sftp subsystem, but
> I have been unable to do so.  Using the same -e option to sftp-server
> simply sends the debug messages to the client's stderr (instead of
> sshd's stderr) which doesn't help.
> 
> Is there any way to do this? I am not averse to doing a local
> modification to the source to make this happen, if that will be
> necessary.

There isn't any way to do this in sshd/sftp-server. sftp-server is run
within a session by sftp and usually has stderr attached to the session
when it runs.

If you want to hack sshd, then you'd probably need to conditionally
disable one of the dup2() calls in session.c:do_exec_no_pty() based on
the contents of its command argument.

-d


More information about the openssh-unix-dev mailing list