how to log sshd access in a single file

Rick Miller vmiller at
Mon Sep 16 18:05:47 UTC 2013

On Mon, Sep 16, 2013 at 1:57 PM, aurikus grande <aurikus at> wrote:

> Hello Rick,
> sorry that i did not reply to all, from now on i will use "reply to all".
> Thanks for pointing it out.
> I will also open port 80 for web access, but i do not want to log those.
> Because i expect a huge amount of traffic on my server.

Most web servers handle their own logging.

So i only want to log successfull and unsuccessfull sshd access.

Have you looked at /var/log/auth.log?

twist is part of the FreeBSD 9.1 base installation, i did not yet install
> any other package.

That was my mistake, I sent the email before editing that out as I had

The idea behind using hosts.allow was because i could specify the rule by
> the service (and not by the level of the message).
> And yes, in my case sshd is configured to run via inetd.
> You are correct, my main goal is to log all failed sshd attempts. If it is
> easier to log successfull and failed attempts (to the same file), this
> would also be fine for me.

Can you elaborate on your reasons for running sshd via inetd?  I'm curious
as I've never even heard of anyone attempting this.

Take care
Rick Miller

More information about the freebsd-questions mailing list