Logging of client commands, possible?

Damien Miller djm at mindrot.org
Wed Mar 13 14:17:03 EST 2002

On Tue, 12 Mar 2002, RGiersig at a1.net wrote:

> So I'll summarize my wishes:  per-connection logging of what gets sent 
> from the client to the server.  When a connection gets accepted, a 
> logfile is created in a logdir whose filename contains a timestamp, pid 
> of the sshd process that handles the connection, if a terminal is 
> requested, authenticated user name and hostname from where the 
> connection came.  If the session uses a tty, a timestamp is written 
> periodically to the logfile (once a minute) to give an indication what 
> happened when.  X forwarding could be logged the same way, as well as 
> other forwarded ports.
> Anybody from the openssh developer team reading this?

I won't speak for the others, but I don't want to turn OpenSSH into
snoopware. All the more so if the snopping is going not going to be
effective (e.g. whiterabbit.sh, whiterabbit.bin).


More information about the openssh-unix-dev mailing list