how to log sshd access in a single file
vmiller at hostileadmin.com
Mon Sep 16 17:30:00 UTC 2013
Selecting "Reply all" when replying to messages on the list allows the
entire list to benefit from the discussion.
On Mon, Sep 16, 2013 at 11:05 AM, aurikus grande <aurikus at gmail.com> wrote:
> Hello Rick.
> thanks a lot for your quick reply.
> Does your recommendation - to use syslog.conf mean instead - that i cant
> accomplish what i want with hosts.allow and twist ?
I am unfamiliar with twist and cannot authoritatively answer this question.
Not to mention, it does not appear to be in base
I´m still reading through the man pages and try to understand how to
> configure syslog.conf.
I recommended syslog, because it is the stock logging mechanism for FreeBSD.
On my 9.1 system, /etc/syslog.conf contains:
These facilities are both logging to /var/log/auth.log.
Your stated goal was logging of failed ssh attempts to your host. The
above line in syslog.conf accomplishes this by sending the message to
TCPWrappers will have no effect on logging of failed ssh attempts unless
sshd is configured to run via inetd.
I recommend pf or ipfw for filtering access to ssh.
More information about the freebsd-questions