Full Disclosure mailing list archives
Re: sshd logins without a source
From: paul.szabo () sydney edu au
Date: Fri, 23 Sep 2011 22:05:36 +1000
Dear Laurelai,
I do not think that sshd normally logs its source. ... To produce the desired log, I added to /etc/hosts.allow the line sshd : all : spawn /usr/bin/logger -t"%d[%p]" "Connection source %h port %r"Don't most modern Linux distros log sshd by default? If for whatever reason yours doesn't you can set the log level in the sshd config.
My Debian sshd comes with "LogLevel INFO" in /etc/ssh/sshd_config. I never found documentation on what a "LogLevel VERBOSE" would do, so never changed it; my hosts.allow line does exactly what I want, and a similar line can do it for telnetd also. (Don't laugh...) Cheers, Paul Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- sshd logins without a source BH (Sep 23)
- Re: sshd logins without a source Guillaume Friloux (Sep 23)
- Re: sshd logins without a source paul . szabo (Sep 23)
- Re: sshd logins without a source Laurelai (Sep 23)
- Re: sshd logins without a source paul . szabo (Sep 23)
- Re: sshd logins without a source BH (Sep 23)
- Re: sshd logins without a source Laurelai (Sep 23)
- Re: sshd logins without a source paul . szabo (Sep 23)
- Re: sshd logins without a source Jason A. Donenfeld (Sep 26)
- Re: sshd logins without a source Laurelai (Sep 23)
- Re: sshd logins without a source james (Sep 23)
- <Possible follow-ups>
- Re: sshd logins without a source Nikolaos Mitsis (Sep 26)