Logging with ForceCommand and SCP

Oliver Graute oliver.graute at gmail.com
Wed Mar 15 21:39:13 AEDT 2017


On Wed, Mar 8, 2017 at 11:01 AM, Oliver Graute <oliver.graute at gmail.com> wrote:
> Hello List,
>
> I'am using the ForceCommand in my sshd configuration to log all the user
> actions on my device.
>
> ForceCommand /usr/bin/log-session.sh
>
> The Log Session Script itself is working fine for logging.
>
> But now I want also use SCP to copy files and this won't work together
> with the ForceCommand above.
>
> The copied file is created but its zero byte on the target.
>
> scp file.tar.gz  ssh-user at 192.168.1.229:/home/ssh-user/
> Enter passphrase for key '/home/user/.ssh/id_ecdsa':
> C0664 28508 file.tar.gz
>
> -rw-r--r--    1 ssh-user ssh-user         0 Mar  8 10:52 file.tar.gz
>
> Some ideas whats the reason for this behavior?
>

I solved the scp copy problem by adding this scp case to the
log-session.sh script

# if scp is requested we just forward this command

elif [ "$(echo ${SSH_ORIGINAL_COMMAND} | grep '^scp')" ]
then
        echo starting SCP service >> $LOGFILE
        echo ======================================== >> $LOGFILE
        ${SSH_ORIGINAL_COMMAND}


No the copy of files in both directions is fine. But I observe a
strange protocol error

Enter passphrase for key '/home/graute/.ssh/id_ecdsa':
test.log

                                 100%   39     0.0KB/s   00:00
protocol error: expected control record


Best regards,

Oliver


More information about the openssh-unix-dev mailing list