Logging the suggested algorithms of the client during key exchange

rapier rapier at psc.edu
Thu Jul 7 01:54:31 EST 2011


I created something like this to do some basic server side logging with 
http://www.psc.edu/networking/projects/hpn-ssh/openssh5.8-server-logging.diff

It doesn't do the proposal though. However, as Darren said, you have to 
monitor a log in the chroot jail. From the directions to my patch...

"This patch adds additional logging to the SSHD server including 
encryption used, remote address and port, user name, remote version 
information, total bytes transferred, and average throughput. In order 
to use this patch you *must* direct syslogd to use an additional logging 
socket. This socket will be located in the sshd chroot, typically 
/var/empty. As such you will need to create a /var/empty/dev directory 
and add '-a /var/empty/dev/log' to your syslogd configuration."

Good luck!

On 7/2/11 2:45 AM, ssh at bunten.de wrote:
> Hello,
>
> for a research project I am trying to log the algorithms suggested by
> the client during key exchange.
>
> I am using the source of version 5.8p2. I figured the function
> kex_buf2prop() in kex.c might be the place to log that information. I am
> calling logit() within the for loop ->
>
> for (i = 0; i < PROPOSAL_MAX; i++) {
>         proposal[i] = buffer_get_cstring(&b,NULL);
>         debug2("kex_parse_kexinit: %s", proposal[i]);
>
>         if (first_kex_follows != NULL) {
>                 logit("[client prop] kex %i: '%s' from %s",
>                     i, proposal[i], get_remote_ipaddr());
>         }
> }
>
> Unfortunately, it does not log anything when run as a daemon. Only when
> run in debug ('-d' switch) do I see the output. I used logit() in other
> parts to add logging and it works great.
>
> My question: What am I doing wrong and how can I log the proposed
> algorithms properly?
>
> (Please note: I am interested in the suggestions from the client and not
> the ciphers client and server finally use!)
>
> Any helpful suggestion appreciated!
>
> Regards
> Andreas
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
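
What the loop in kex_buf2prop() walks over, as an added example that is not part of the original thread or of OpenSSH: a standalone parser for the SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) that extracts the client's ten name-lists and rejects non-printable bytes before they can reach a log line. The function name parse_kexinit, the NAMELIST_MAX cap and the sample payload are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PROPOSAL_MAX 10   /* name-lists in SSH_MSG_KEXINIT, RFC 4253 section 7.1 */
#define NAMELIST_MAX 1024 /* assumed per-list cap for this example */
/* Constructed sample: type 20, 16-byte cookie, 10 name-lists, flag, reserved. */
static const uint8_t sample[] = "\x14" "AAAAAAAAAAAAAAAA"
    "\0\0\0\x1b" "diffie-hellman-group14-sha1" "\0\0\0\x07" "ssh-rsa"
    "\0\0\0\x15" "aes128-ctr,aes256-ctr" "\0\0\0\x15" "aes128-ctr,aes256-ctr"
    "\0\0\0\x09" "hmac-sha1" "\0\0\0\x09" "hmac-sha1"
    "\0\0\0\x04" "none" "\0\0\0\x04" "none" "\0\0\0\0" "\0\0\0\0" "\0" "\0\0\0\0";

/* Copy each name-list into out[i]; 0 on success, -1 if malformed or unprintable. */
int parse_kexinit(const uint8_t *p, size_t len,
                  char out[PROPOSAL_MAX][NAMELIST_MAX], int *first_kex_follows)
{
    size_t off = 1 + 16;                  /* message type + cookie */
    if (len < off || p[0] != 20)
        return -1;
    for (int i = 0; i < PROPOSAL_MAX; i++) {
        if (len - off < 4)                /* need a uint32 length prefix */
            return -1;
        uint32_t n = (uint32_t)p[off] << 24 | (uint32_t)p[off + 1] << 16 |
                     (uint32_t)p[off + 2] << 8 | p[off + 3];
        off += 4;
        if (n > len - off || n >= NAMELIST_MAX)
            return -1;
        for (uint32_t j = 0; j < n; j++)  /* no control bytes reach the log */
            if (p[off + j] < 0x21 || p[off + j] > 0x7e)
                return -1;
        memcpy(out[i], p + off, n);
        out[i][n] = '\0';
        off += n;
    }
    if (len - off < 5)                    /* boolean + uint32 reserved */
        return -1;
    *first_kex_follows = p[off] != 0;
    return 0;
}

int main(void)
{
    static char prop[PROPOSAL_MAX][NAMELIST_MAX];
    int follows, rc = parse_kexinit(sample, sizeof(sample) - 1, prop, &follows);
    for (int i = 0; rc == 0 && i < PROPOSAL_MAX; i++)
        printf("[client prop] kex %d: '%s'\n", i, prop[i]);
    return rc != 0;
}
```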

