From owner-freebsd-questions@FreeBSD.ORG Mon Sep 16 19:41:53 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CBCFE153 for ; Mon, 16 Sep 2013 19:41:53 +0000 (UTC) (envelope-from vrwmiller@gmail.com) Received: from mail-ie0-x22c.google.com (mail-ie0-x22c.google.com [IPv6:2607:f8b0:4001:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 99349282A for ; Mon, 16 Sep 2013 19:41:53 +0000 (UTC) Received: by mail-ie0-f172.google.com with SMTP id x13so8382699ief.31 for ; Mon, 16 Sep 2013 12:41:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=EAfCplz+/lPSs0C7PI7rshUiar53VUlEM20rtURM0hM=; b=TLX0RrT/UCYGrJBw5cBgPEVZL0U894v6a4OIzYOHRXN6Mu8FIeyq15/iIDXFceDXZe M2499jfTDKRPTBHSEPnsLD2mjSpJoIvvMZWYBA11lHin0BT/h/+bM1h8BhB7eue74OPI EMWe4ilL9Zsd5eWDRQwmLDgE81ugxyI2wsNB8vW18F+pZn5OSAXEuEAZdxuOmU5Vezfv i/D10xnGbiv5zrZuxtyaftw0OEqYd9R5FdK94qharlxwFGhsDVFGvMfHroHCW31zJuot 8gQjiPVsRutVzgiuDQyqwlNX0QmlbGH0mwTdCeWFf2MLgRQnGhBTxlgEC4HybD/vt3xf Gz0Q== MIME-Version: 1.0 X-Received: by 10.43.98.202 with SMTP id cp10mr914453icc.28.1379360512968; Mon, 16 Sep 2013 12:41:52 -0700 (PDT) Sender: vrwmiller@gmail.com Received: by 10.64.9.39 with HTTP; Mon, 16 Sep 2013 12:41:52 -0700 (PDT) In-Reply-To: References: Date: Mon, 16 Sep 2013 15:41:52 -0400 X-Google-Sender-Auth: SmCdcuF7QFog8ypdxgbmdtPQx_Y Message-ID: Subject: Re: how to log sshd access in a single file From: Rick Miller To: aurikus grande Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Sep 2013 19:41:54 -0000 On Mon, Sep 16, 2013 at 2:44 PM, aurikus grande wrote: > >Most web servers handle their own logging. > I do _not_ want the web server acces to be logged (at least as of now). > Which is fine, but still configured via your web server. >Have you looked at /var/log/auth.log? > yes, and as you mentioned in your previous update, it logs the success > login (only). Unsuccessfull attempts are being sent to /var/log/messages . > So there are 2 separate files. I would like to have all sshd access > attempts in one single file - regardless if they are successfull or > unsuccessfull. > > Quotation: "I believe FreeBSD defaults to failed ssh authentication is > logged to /var/log/messages while successful authentication is written to > /var/log/auth.log." > I was incorrect. Fail and success are both recorded here. Even if this were the case, the best way to accomplish what you're looking for is still syslog. > >Can you elaborate on your reasons for running sshd via inetd? I'm curious > as I've never even heard of anyone attempting this. > When i searched how to setup / configure sshd on internet, i found many > hints to start it using inetd. Since it worked for me there was no reason > to change it. > In general, most administrators will not run ssh via inetd. A more common configuration is detailed in the FreeBSD handbook at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssh.html -- Take care Rick Miller