sftp and utmp

Damien Miller djm at mindrot.org
Wed Apr 5 09:17:04 AEST 2023


On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote:

> On Tue, Apr 4, 2023 at 6:10 AM Damien Miller <djm at mindrot.org> wrote:
> >
> > On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote:
> >
> > > sftp has some awkward limitations, as does scp. It's why I prefer were
> > > possible to use rsync-over-SSH, and we can restrict the rsync options
> > > quite heavily. It's even possible to chroot wrap, though that toolkit
> > > has not been well maintained.
> >
> > rsync doesn't solve the problem being presented here, as it runs without
> > a PTY and so never ends up being recorded in utmp either.
> 
> rsync over SSH can be configured in sshd_config to record the use of
> public SSH keys. I don't normally set up such a restricted service on
> the standard SSH daemon or the standard SSH port, mostly to keep the
> logs very distinct.

Sure, but so can sftp-server (or any connection really, via a number of
methods).


More information about the openssh-unix-dev mailing list