Increasing log levels in sshd via sshd_config(5)
Lars Noodén
lars.nooden at gmx.com
Sat Apr 5 20:12:20 AEDT 2025
Perhaps I have set something incorrectly as I seem to be unable to
increase the log level for sshd(8) by setting it in sshd_config(5)
# /usr/sbin/sshd -T | sort | grep log
logingracetime 120
loglevel DEBUG2
permitrootlogin yes
printlastlog yes
syslogfacility AUTH
# /usr/sbin/sshd -V
OpenSSH_9.9, LibreSSL 4.1.0
# uname -s -r -m
OpenBSD 7.7 arm64
# dmesg | head -n 2
OpenBSD 7.7 (GENERIC.MP) #352: Tue Apr 1 15:07:55 MDT 2025
deraadt at arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP
Instead of more verbose logging in /var/log/authlog, I get the normal
message and nothing more:
Apr 5 11:54:26 server sshd[34135]: Server listening on 0.0.0.0 port 22.
Apr 5 11:54:26 server sshd[34135]: Server listening on :: port 22.
It is the same for logging in:
Apr 5 12:05:13 server sshd-session[18671]: Connection from 192.0.2.75
port 34326 on 192.0.2.35 port 22 rdomain "0"
Apr 5 12:05:21 server sshd-session[18671]: Accepted password for lars
from 192.0.2.75 port 34326 ssh2
Apr 5 12:05:21 server sshd-session[18671]: User child is on pid 79910
Apr 5 12:05:22 server sshd-session[79910]: Starting session: shell on
ttyp2 for lars from 192.0.2.75 port 34326 id 0
If I invoke sshd(8) with one or more -d options, then the output is as
verbose as expected. The other configuration directives seem to take
effect when applied through sshd_config(5).
What have I missed?
/Lars
More information about the openssh-unix-dev
mailing list