how to log sshd access in a single file

Rick Miller vmiller at hostileadmin.com
Mon Sep 16 18:05:47 UTC 2013


On Mon, Sep 16, 2013 at 1:57 PM, aurikus grande <aurikus at gmail.com> wrote:

> Hello Rick,
>
> sorry that i did not reply to all, from now on i will use "reply to all".
> Thanks for pointing it out.
>
> I will also open port 80 for web access, but i do not want to log those.
> Because i expect a huge amount of traffic on my server.
>

Most web servers handle their own logging.

So i only want to log successfull and unsuccessfull sshd access.
>

Have you looked at /var/log/auth.log?

twist is part of the FreeBSD 9.1 base installation, i did not yet install
> any other package.
>

That was my mistake, I sent the email before editing that out as I had
intended.

The idea behind using hosts.allow was because i could specify the rule by
> the service (and not by the level of the message).
>
> And yes, in my case sshd is configured to run via inetd.
>
> You are correct, my main goal is to log all failed sshd attempts. If it is
> easier to log successfull and failed attempts (to the same file), this
> would also be fine for me.
>

Can you elaborate on your reasons for running sshd via inetd?  I'm curious
as I've never even heard of anyone attempting this.


-- 
Take care
Rick Miller


More information about the freebsd-questions mailing list