[scponly] logging control

Kaleb Pederson kaleb.pederson at gmail.com
Tue Mar 31 15:35:53 EDT 2009


On Tue, Mar 31, 2009 at 10:55 AM, Christopher Barry
<christopher.barry at qlogic.com> wrote:
> Hi all,
>
> I've been playing around trying to get logging working in a way that produces the level of detail I would like, namely I want to see logs of similar detail to ftp logs. e.g.:
> who connects when, from where, what they do while connected, files uploaded/downloaded. Plus all auth failures.

This isn't really a scponly question, but would be a good question for
the OpenSSH list.

As of OpenSSH-4.4p1, the sftp-server logs information about
transferred files.  See man sftp-server.  Note the -l and -f options
as well as the comments regarding /dev/log.

Also note that you can specify options to the sftp-server on the
Subsystem line in sshd_config.

> Docs are scant on this aspect. I tried the syslogd socket method in chroot /dev/log, but this did not seem to have any effect. I've set what I think are correct env vars (values? well, that's another question ;)

You generally don't need to set these manually.  The ssh server will
set them as needed based on command line options.

Good luck.

--Kaleb

>
> ~# cat /etc/environment
> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> # for scponly
> LOG_SFTP=1
> SFTP_UMASK=022
> SFTP_PERMIT_CHMOD=0
> SFTP_PERMIT_CHOWN=0
> SFTP_LOG_LEVEL=LOG_DEBUG
> SFTP_LOG_FACILITY=LOG_AUTHPRIV
> # end
>
> Anyone made this type of logging work? Can you share how?
> keeping sshd @ DEBUG3 is kinda filling up my disk...;)
>
> Thanks,
> -C



More information about the scponly mailing list