Full Disclosure mailing list archives

Re: sshd logins without a source

From: paul.szabo () sydney edu au
Date: Fri, 23 Sep 2011 22:05:36 +1000

Dear Laurelai,

I do not think that sshd normally logs its source. ... To produce the
desired log, I added to /etc/hosts.allow the line
sshd : all : spawn /usr/bin/logger -t"%d[%p]" "Connection source %h port %r"


Don't most modern Linux distros log sshd by default? If for whatever
reason yours doesn't you can set the log level in the sshd config.


My Debian sshd comes with "LogLevel INFO" in /etc/ssh/sshd_config.
I never found documentation on what a "LogLevel VERBOSE" would do,
so never changed it; my hosts.allow line does exactly what I want,
and a similar line can do it for telnetd also. (Don't laugh...)

Cheers, Paul

Paul Szabo   psz () maths usyd edu au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

sshd logins without a source BH (Sep 23)
- Re: sshd logins without a source Guillaume Friloux (Sep 23)
- Re: sshd logins without a source paul . szabo (Sep 23)
  - Re: sshd logins without a source Laurelai (Sep 23)
    - Re: sshd logins without a source paul . szabo (Sep 23)
    - Re: sshd logins without a source BH (Sep 23)
    - Re: sshd logins without a source Laurelai (Sep 23)
    - Re: sshd logins without a source paul . szabo (Sep 23)
    - Re: sshd logins without a source Jason A. Donenfeld (Sep 26)
- Re: sshd logins without a source Bacanu Adrian-Daniel (Sep 23)
  - Re: sshd logins without a source james (Sep 23)
- Re: sshd logins without a source Valdis . Kletnieks (Sep 23)
- Re: sshd logins without a source GloW - XD (Sep 23)
- <Possible follow-ups>
- Re: sshd logins without a source Nikolaos Mitsis (Sep 26)