syslog from chrooted environment

Phil Pennock phil.pennock at
Sat Jul 29 05:38:04 AEST 2017

On 2017-07-28 at 14:26 -0400, Mike Tancsa wrote:
> On 7/25/2017 7:21 PM, Phil Pennock wrote:
> > Honestly, I'd start looking instead at having syslogd listen on a UDP
> > socket on a non-routed address and send to that locally instead.  See
> > the "-a" option to syslogd, although contrary to docs my past experience
> > has suggested that -a can't be repeated.
> How do I get sshd to send via UDP to syslogd ?

Ugh, I've gotten too used to languages which let you customize this in

Tell sshd to run in the foreground writing logs to stderr and invoke it
under a wrapper which sends logs wherever you want, while handling

This isn't the core system ssh for sysadmin to log in, AIUI, so it's
safer to have a little more complexity around the startup.

  /path/to/sshd -De

There are various supervisor programs around which will log wherever you
want (including via UDP syslog), you can pick one for whatever your
preferred poison is.

At this point, you are relying upon stdio from the chrooted processes,
so the chroot is irrelevant and you can just log normally to wherever
you want, so you could even just send straight to syslog, avoiding the
need for devices in the chroots.


More information about the openssh-unix-dev mailing list