From owner-freebsd-questions@FreeBSD.ORG Mon Sep 16 13:36:03 2013 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9C75486C for ; Mon, 16 Sep 2013 13:36:03 +0000 (UTC) (envelope-from aurikus@gmail.com) Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2BF0F2DC9 for ; Mon, 16 Sep 2013 13:36:02 +0000 (UTC) Received: by mail-lb0-f180.google.com with SMTP id q8so4108115lbi.39 for ; Mon, 16 Sep 2013 06:36:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=jsNylpzWCQ8CfjqrfaztqupILhwwnqb4h/AaeEDPvgs=; b=g0WaHpOJO6wXIQX4UVZu5rXYO69jtQYcwZZlOu3UhHM6Bopqso+oI5GWF7hWLtC55t vbZgvD4xztEN3135W6/HVZVP+6WzeXCzF8JxL5/2FXY7phng3BAgJJcEFdO1C8ncO8IC kBr66NZAfMYF1GV9eJiRQvrprb9zJHJfHJnrhLNTPhuHyngbvgCHMcX0Ahe4iGwELv3V 98TIr4NvrYvBNjVDFDYHldC7ysgAc96/OQDjyru49oG5i1sMqBJSmRnVF8qkPTgFgDf1 VJsDUDDfmL0n/yPvs2Hn9dupib4qmh2fbOIqxQSCCRQTS4pSLW+4Jk10DDCKE4Qs24Zm v7hg== MIME-Version: 1.0 X-Received: by 10.112.52.225 with SMTP id w1mr1774670lbo.31.1379338561182; Mon, 16 Sep 2013 06:36:01 -0700 (PDT) Received: by 10.114.174.13 with HTTP; Mon, 16 Sep 2013 06:36:01 -0700 (PDT) Date: Mon, 16 Sep 2013 15:36:01 +0200 Message-ID: Subject: how to log sshd access in a single file From: aurikus grande To: freebsd-questions@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Sep 2013 13:36:03 -0000 Hello, just a few days ago i setup my first FreeBSD server, so i am new to this OS. I already tried to find the information i was looking for, but to no luck. I try to add a line in /etc/hosts.allow which would allow and log all attempts using SSH (sshd). I found http://www.freebsd.org/doc/handbook/tcpwrappers.html, which mentions twist as the only way to accomplish this. So i created a line in allow.hosts which reads as follows: sshd : ALL : twist /bin/echo "a% from h% attempted to acces d%" >> \ \var\log\ssh-connections.log : allow sshd for the service ALL for all ip-addresses allow to allow access and the text in between should make sure that the file ssh-connections is being updated. The file already exists, i used root access to create it. But it does not work as expected. Could you please point me where i did it wrong. Thanks in advance for your help. Best regards, aurikus