How can I log every login via telnet?

Anthony Atkielski atkielski.anthony at wanadoo.fr
Thu Apr 7 20:32:47 PDT 2005


Sandy Rutherford writes:

> Check /var/log/auth.log.  They should be logged there by default.

Thanks, that's just what I was looking for.

> You could also use tcpwrappers for better control over access and
> logging.  See /etc/hosts.allow and "man 5 hosts_options".

I'd be mainly interested in restricting which user names can log on from
the Net through telnet, rather than which IP addresses.

Also, securing the traffic over the telnet session is unimportant
(including passwords), because none of the telnet use would involve
anything confidential.  I mainly want to ensure that only a select
handful of users can actually log in through telnet, and that those users
cannot escape to a shell by any means or otherwise stray outside the
program that I want to run immediately upon login.  I've tweaked my test
program to eliminate possible buffer overflows on input and it has no
facility for escaping to a shell, and it does virtually no file I/O and
only to hard-coded paths, so hopefully it's not too much of a risk.

-- 
Anthony




More information about the freebsd-questions mailing list