how to log sshd access in a single file
aurikus at gmail.com
Mon Sep 16 18:44:10 UTC 2013
>Most web servers handle their own logging.
I do _not_ want the web server acces to be logged (at least as of now).
>Have you looked at /var/log/auth.log?
yes, and as you mentioned in your previous update, it logs the success
login (only). Unsuccessfull attempts are being sent to /var/log/messages .
So there are 2 separate files. I would like to have all sshd access
attempts in one single file - regardless if they are successfull or
Quotation: "I believe FreeBSD defaults to failed ssh authentication is
logged to /var/log/messages while successful authentication is written to
>Can you elaborate on your reasons for running sshd via inetd? I'm curious
as I've never even heard of anyone attempting this.
When i searched how to setup / configure sshd on internet, i found many
hints to start it using inetd. Since it worked for me there was no reason
to change it.
2013/9/16 Rick Miller <vmiller at hostileadmin.com>
> On Mon, Sep 16, 2013 at 1:57 PM, aurikus grande <aurikus at gmail.com> wrote:
>> Hello Rick,
>> sorry that i did not reply to all, from now on i will use "reply to all".
>> Thanks for pointing it out.
>> I will also open port 80 for web access, but i do not want to log those.
>> Because i expect a huge amount of traffic on my server.
> Most web servers handle their own logging.
> So i only want to log successfull and unsuccessfull sshd access.
> Have you looked at /var/log/auth.log?
> twist is part of the FreeBSD 9.1 base installation, i did not yet install
>> any other package.
> That was my mistake, I sent the email before editing that out as I had
> The idea behind using hosts.allow was because i could specify the rule by
>> the service (and not by the level of the message).
>> And yes, in my case sshd is configured to run via inetd.
>> You are correct, my main goal is to log all failed sshd attempts. If it
>> is easier to log successfull and failed attempts (to the same file), this
>> would also be fine for me.
> Can you elaborate on your reasons for running sshd via inetd? I'm curious
> as I've never even heard of anyone attempting this.
> Take care
> Rick Miller
More information about the freebsd-questions