Date: Mon, 29 Oct 2001 14:40:34 -0500 (EST) From: Scott Nolde <scott@smnolde.com> To: Mark Hughes <mark@dvdnews.co.uk> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: sshd logging.... where?? Message-ID: <20011029143607.H30578-100000@bsd.smnolde.com> In-Reply-To: <002001c1602b$7157bc40$0200a8c0@mark2>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark, I log sshd session in a file called /var/log/sshd.log and here's how I do it: 1. touch /var/log/sshd.log 2. edit your /etc/syslog.conf and add the lines !sshd *.* /var/log/sshd.log 3. killall -HUP syslogd The sshd will now log stuff into /var/log/sshd.log. Edit your /etc/ssh/sshd_config file to determine what gets logged. By default, the following lines are in sshd_config for sylog logging: SyslogFacility AUTH LogLevel INFO Change as necessary, more details are in the sshd manpage. - Scott smacked into the keyboard previously by owner-freebsd-questions@FreeBSD.ORG: >Date: Mon, 29 Oct 2001 03:39:45 -0000 >From: Mark Hughes <mark@dvdnews.co.uk> >To: freebsd-questions@FreeBSD.ORG >Subject: sshd logging.... where?? > >Hello all, > >I'm trying to troubleshoot some problems I'm having with ssh/sshd, and I'm >quite, quite stuck on where sshd is actually logging to. > >>From what I understand, it sends it log entrys, by default, to syslogd, at >the auth.info level, so wherever this goes, I should find the logs - have I >got that right? > >The curious thing is, I can't find 'em. I've looked in /etc/syslog.conf, >and by that I've set them to go to /var/log/auth.log, which I've created >and chmod'd to 0600. > >I've even tried putting a "*.* /dev/console" at the top of >/etc/syslog.conf, and now all the system messages are coming to the >console....but still no signs of anything from sshd - failed logins, >successful logins, nothing to the logs.... > >Anyone got any ideas? I've tried changing the loglevel to DEBUG, which I'm >sure should spill loads of crap to the log every time somone logs in, but >still nothing. I've made sure to send a SIGHUP to sshd and syslogd every >time I changed something in the respective config files... > >...and still nothing. I have to admit, I'm quite, quite confused as to >where the hell they are going. > >TIA, >Mark >-- >Mark Hughes - DVD & Film Content Manager, Technical Officer >Digital Spy Ltd >http://www.digitalspy.co.uk/ >Your number one source for digital media and entertainment news! > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > Scott Nolde GPG Key 0xD869AB48 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011029143607.H30578-100000>