[scponly] scponlyc logging

Kaleb Pederson kaleb.pederson at gmail.com
Tue Aug 5 12:17:54 EDT 2008 

Do you have a /dev/log device or a have your logging daemon setup to
listen on a socket within the chroot?

Typically, you'll pass an extra parameter to syslogd, such as '-a
/path/to/chroot/path/to/socket' in order for the device to be found.

Are the arguments that you have the sftp-server subsystem configured
to use being passed in? (see the scponly logs)

Also, use DEBUG3 is not the best way to go about getting logging
information out of the sftp-server.  You should see the sftp-logging
patch (if you're on an older version of ssh) or the sftp-filecontrol
patch (for newer versions).  These versions will log the correct
amount of information in the appropriate way.

Let us know how it goes.

--Kaleb

On Tue, Aug 5, 2008 at 6:07 AM, Stuart VanZee <StuartV at datalinesys.com> wrote:
>
> Hello,
>
> I have been trying to get logging working for scponlyc.
>
> There is a requirement that all file transfers and deletes be
> logged for a project that I am working on.  There is also a
> requirement that all clients be chrooted into their own home
> folders.  I have been able to get logging working using strait
> sftp w/out scponly, but when I use an scponlyc account on the
> same box I do not get any logging.
>
> Here is what I have.
>
> /usr/local/etc/scponly/debuglevel  contains a 2
>
> /etc/ssh/sshd_config contains the following pertinent settings:
>
> SyslogFacility AUTH
> LogLevel DEBUG3
>
> and the Subsystem line:
>
> Subsystem       sftp    /usr/libexec/sftp-server -f AUTH -l DEBUG3
>
> I think I have all the proper files in the chroot.  I have run ldd
> on everything and it all seems to be there.
>
> The system is OpenBSD 4.3 and scponly 4.8
>
> please let me know if there is any more info you need or if you have
> any idea how to get this going.  My PHB is getting pretty annoyed
> that I haven't gotten it up and running yet.
>
> Stuart van Zee
> stuartv at datalinesys.com
>
> PHB=Pointy Haired Boss
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>

More information about the scponly mailing list