Howto log multiple sftpd instances with their chroot shared via NFS
David Newall
openssh at davidnewall.com
Wed Sep 22 19:18:43 AEST 2021
Hi Hildegard,
On Tue, 21 Sep 2021, Hildegard Meier wrote:
> Now I have a second sftpd server in parallel, with the same user
> database and also mounts /var/data/chroot/ via NFS, and has the same
> syslog-ng config,
> so every user can login on the one server or on the other. This is for
> high availability. This works so far.
>
> What is not working now is the sftpd logging: The sftp user's log is
> only available on one sftp server exclusively, and that is the one
> where syslog-ng was started last, because as I understand it takes
> the exclusive unix socket file lock for each user's /dev/log.
>
> So, if a user logs in on the first server, where syslog-ng was started
> last, the user's sftp activity is logged on the first server.
> But if the user logs in on the second server, its sftp activity is
> not logged, neither on the second nor on the first server.
Forward the log entries on both machines to a log host. E.g.
    destination d_tcp {
        network("log_host" port(1999));
    };
Regards,
David
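
The forwarding suggested above, with the log path on each sftp server and the receiving side on the log host (an added example, not part of the original message). The source names, the placeholder user "alice" and its socket path, and the file path on the log host are assumptions.

```conf
# --- on each sftp server (same fragment on both) ---
# Assumed source: one chroot log socket. "alice" and the path layout are
# placeholders; keep whatever source the existing config already defines.
source s_sftp_chroot {
    unix-stream("/var/data/chroot/alice/dev/log");
};

destination d_tcp {
    network("log_host" port(1999) transport("tcp"));
};

log {
    source(s_sftp_chroot);
    destination(d_tcp);
};

# --- on log_host ---
source s_sftp_net {
    network(ip("0.0.0.0") port(1999) transport("tcp"));
};

# ${HOST} identifies the sending server, so entries from the two
# sftp servers land in separate directories (assumed file layout).
destination d_sftp_files {
    file("/var/log/sftp/${HOST}/sftp.log" create-dirs(yes));
};

log {
    source(s_sftp_net);
    destination(d_sftp_files);
};
```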