ftpd and sshd logging of domain names

Polytropon freebsd at edvax.de
Sun Aug 24 21:44:16 UTC 2008

On Sun, 24 Aug 2008 16:32:56 -0500, Len Conrad <LConrad at Go2France.com> wrote:
> Are there are any flags or tricks to get these two daemons to log IP 
> addresses of failed login attempts, rather than PTR hostnames?
> man ftpd
> man sshd
> ... show nothing, afaics.

At least for ftpd I think there is a solution:

1. Edit /etc/inetd.conf

	ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -ll
	ftp	stream	tcp6	nowait	root	/usr/libexec/ftpd	ftpd -ll

   The flags -ll enable extended logging.

2. Edit /etc/syslog.conf:

	*.*						/var/log/ftpd.log

3. Create the log file

	# touch /var/log/ftpd.log

4. Optionally: Edit /etc/newsyslog.conf for preferred log

The IPs are being logged in the log file. I'm sure SSH
allows something similar. If I remember correctly, this
has recently been discussed at this list, maybe the archive
brings up some helping informations for you.

>From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list