A probable useful feature
Kevin Brott
kevin.brott at gmail.com
Tue Jan 3 12:26:01 EST 2012
On Sat, Dec 31, 2011 at 01:40, Vahab Shalchian <v.shalchian at gmail.com>wrote:
> Hi,
>
> As I mentioned in the following post :
>
>
> http://www.linuxquestions.org/questions/linux-security-4/exclude-a-from-being-logged-in-var-log-wtmp-920865/
>
> Some monitoring softwares like Manage Engine Application Manager use a
> monitoring user which logins to a servers every 5 minutes via SSH so
> sometimes we need to be able to exclude this user from being recorded to
> wtmp,utmp files.
>
> Is it possible to include this feature in the next releases of SSH.
>
> Many thanks.
> Vahab Shalchian
>
Consider opening an initial connection to each server monitored at the
start of the day/monitoring-cycle using connection mastering - run all your
subsequent connections against the connection master and ?tmp files will
only log the initial connection. Of course this means the monitoring
system will have a proportional number of open connections/sockets
constantly - so in Very Large Enterprise settings - this 'might not scale
well'. In smaller deployments the overhead is negligible. YMMV.
--
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott at gmail.com> */
More information about the openssh-unix-dev
mailing list