Howto log multiple sftpd instances with their chroot shared via NFS

David Newall openssh at
Wed Sep 22 19:18:43 AEST 2021

Hi Hildegard,

On Tue, 21 Sep 2021, Hildegard Meier wrote:
> Now I have a second sftpd server in parallel, with the same user 
> database and also mounts /var/data/chroot/ via NFS, and has the same 
> syslog-ng config,
> so every user can login on the one server or on the other. This is for 
> high availability. This works so far.
> What is not working now is the sftpd logging: The sftp user's log is 
> only available on one sftp server exclusively, and that is the one 
> where syslog-ng was started least, because as I understand it takes 
> the exclusive unix socket file lock for each user's /dev/log.
> So, if a user logs in on the first server, where syslog-ng was started 
> least, the user's sftp activity is logged on the first server.
> But if the user logs in on the second server, it's sftp activity is 
> not logged, neither on the second nor on the first server.

Forward the log entries on both machines to a log host.  E.g.

    destination d_tcp {
         network("log_host" port(1999));



More information about the openssh-unix-dev mailing list