[nSLUG] Re: scp logging

John Cordes John.Cordes at dal.ca
Sun Dec 18 22:35:49 AST 2005


 Thanks to both Rich and Paul B. for their remarks on scp
logging issues. It's definitely more complicated than I
imagined at first.

 A pared down summary of the postings on this thread is found
below.

 John

> Date: Tue, 13 Dec 2005 22:21:25 -0400
> From: Paul B <wes902 at gmail.com>
> Subject: Re: [nSLUG] Re: scp logging
> 
> The sshd daemon currently has no logging abilities for the exact
> request of the opening post.
>  Digging around the man pages for sshd_config
> http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config the various
> settings for log_level are:

 <snip>

>   In order to provide the exact details of files transferred via
> scp/sftp you will have to patch your sshd with patch like the one at
> http://www.sweb.cz/v_t_m/ There are currently patches there for the
> latest portable OpenSSH.

> On 12/13/05, Rich <budman85 at eastlink.ca> wrote:
> > Here is what I found, scp is controlled by sshd, so you need to make
> > sure the syslog options are enabled:
> >
> > look for the the sshd_config on your system
> >         /etc or /etc/ssh
> >
> > Look for the SyslogFacility and LogLevel  options
> > see what their values are, these will be used in syslog.conf
> > uncomment them if they are commented out, then restart sshd

<snip>

> > On Tue, 2005-12-13 at 16:02 -0400, John Cordes wrote:
> > >  No, I never did receive any useful replies to my
> > >  postings re scp logging on May 23/05
> > >  (http://nslug.ns.ca/pipermail/nslug/2005-May/008328.html
> > >  and
> > >  http://nslug.ns.ca/pipermail/nslug/2005-May/008335.html)
> > >
> > >  I wrote then, amongst other things: "What linux
> > >  programs would allow for this kind of scp connection?"
> > >
> > >  except for this from my son Peter:
> > >
> > >  "sftp.  Or he could have used scp cordes.ca:dirname/*
> > >  ., since scp can expand wildcards on the remote
> > >  machine.  But I'd assume he used sftp, or a graphical
> > >  frontend for it.  Maybe rsync can work without showing
> > >  as a login session."
> > >  And that's all I know, I'm afraid.
> > >
> > > On 12/9/05, Bob McLaren <BobMcLaren at fssi-ca.com> wrote:
> > > >  Hi John, I read your May 23rd posting and I am
> > > >  completely baffled that nobody seems to care that scp
> > > >  does not support logging.  Did you ever find a way to
> > > >  implement it?  Any feedback or pointers would be most
> > > >  appreciated.

!DSPAM:43a61c8a322466311111156!




More information about the nSLUG mailing list