Date: Fri, 21 Dec 2001 21:54:26 +0200 From: "Dave Raven" <dave@kill-9.za.net> To: "Igor Roshchin" <str@giganda.komkon.org>, <security@freebsd.org> Subject: Re: sshd logging Message-ID: <002f01c18a59$50806a00$3800a8c0@DAVE> References: <200112211810.fBLIAXu71521@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
your defauls (/etc/ssh/) sshd_config file will have this: LogLevel INFO change that to LogLevel DEBUG and your set. ----- Original Message ----- From: "Igor Roshchin" <str@giganda.komkon.org> To: <security@freebsd.org> Sent: Friday, December 21, 2001 8:10 PM Subject: sshd logging > > Hello! > > > I am somewhat confused about sshd writing messages to the syslog. > On 3.x systems with the sshd installed from ports > (e.g. sshd version 1.2.27 [i386--freebsd3.5.1] ), > I have much more verbose logging, then on 4.x systems with the > "core" openssh (e.g. sshd version OpenSSH_2.3.0 ). > > As an example, here is the excerpts from logs on the same type of > event for 3.x and 4.x systems: > > 3.x and sshd 1.2.27: > > Dec 21 11:05:36 <auth.info> host3.x sshd[7623]: connect from 210.97.143.20 > Dec 21 11:05:36 <auth.info> host3.x sshd[7623]: log: Connection from 210.97.143.20 port 1257 > Dec 21 11:05:36 <auth.info> host3.x sshd[7623]: log: Could not reverse map address 210.97.143.20. > Dec 21 11:05:36 <auth.info> host3.x sshd[7624]: connect from 210.97.143.20 > Dec 21 11:05:36 <auth.info> host3.x sshd[7624]: log: Connection from 210.97.143.20 port 1253 > Dec 21 11:05:36 <auth.info> astra sshd[7624]: log: Could not reverse map address 210.97.143.20. > Dec 21 11:05:36 <auth.err> astra sshd[7623]: fatal: Local: Your ssh version is too old and is no longer supported. Please install a newer version. > Dec 21 11:05:36 <auth.err> astra sshd[7624]: fatal: Local: Your ssh version is too old and is no longer supported. Please install a newer version. > > > 4.x and OpenSSH_2.3.0: > > Dec 21 11:05:26 <auth.info> host4.x sshd[67562]: Disconnecting: Your ssh version is too old and is no longer supported. Please install a newer version. > Dec 21 11:05:39 <auth.info> host4.x sshd[67565]: Disconnecting: Your ssh version is too old and is no longer supported. Please install a newer version. > > > I see that the priority of the messages changed between the versions. > However, even enabling "auth.*" logging does not show the "connect from .." > messages. > In both cases sshd is run as a standalone daemon. > > Any ideas/sugggestions as for how to enable this logging in OpenSSH ? > (Am I just overlooking something obvious ?) > > Thanks, > > Igor > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002f01c18a59$50806a00$3800a8c0>