[nSLUG] Re: scp logging

Rich budman85 at eastlink.ca
Tue Dec 13 21:06:08 AST 2005


Here is what I found, scp is controlled by sshd, so you need to make
sure the syslog options are enabled:

look for the the sshd_config on your system
	/etc or /etc/ssh

Look for the SyslogFacility and LogLevel  options
see what their values are, these will be used in syslog.conf
uncomment them if they are commented out, then restart sshd


Secure Shell logs debug and error messages using syslog. Logging is
controlled by two configuration keywords: SyslogFacility and LogLevel.
Use the appropriate syslog log levels (QUIET, FATAL, ERROR, INFO,
VERBOSE, DEBUG) to gather more information about error scenarios. As
defined by sshd_config, the default for syslogFacility is set to AUTH
and LogLevel is set to INFO as in the following:

#SyslogFacility AUTH
#LogLevel INFO


Now check the syslog.conf file

Check if you are logging
auth.info        -/var/log/secure.info


Then recycle syslogd - kill -HUP syslogd

Hope this helps



On Tue, 2005-12-13 at 16:02 -0400, John Cordes wrote:
>  Bob,
> 
>  No, I never did receive any useful replies to my postings re
> scp logging on May 23/05 
> (http://nslug.ns.ca/pipermail/nslug/2005-May/008328.html
> and
> http://nslug.ns.ca/pipermail/nslug/2005-May/008335.html)
> 
>  I wrote then, amongst other things: "What linux programs
> would allow for this kind of scp connection?"
> 
>  except for this from my son Peter:
> 
>  "sftp.  Or he could have used scp cordes.ca:dirname/* .,
> since scp can expand wildcards on the remote machine.  But I'd
> assume he used sftp, or a graphical frontend for it.  Maybe
> rsync can work without showing as a login session."
> 
>  And that's all I know, I'm afraid.
> 
>  John
> 
> On 12/9/05, Bob McLaren <BobMcLaren at fssi-ca.com> wrote:
> >  Hi John, I read your May 23rd posting and I am completely
> >  baffled that nobody seems to care that scp does not support
> >  logging.  Did you ever find a way to implement it?  Any
> >  feedback or pointers would be most appreciated.
> 
> 
> 
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug
> 
> 
-- 
Rich <budman85 at eastlink.ca>

!DSPAM:439f6ee9181456086051935!




More information about the nSLUG mailing list