Re: log files
From: Marc W. (marc_at_packetfilter.org)
Date: 08/25/03
- Previous message: Turner, Carl H [NTWK SVCS]: "RE: ssh-add and passphrase"
- In reply to: Hong Tian: "log files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com> Date: 25 Aug 2003 14:48:49 -0400
Hi Hong,
The easiest way to do this is to add in the following lines into your
/etc/syslog.conf file:
auth.notice;auth.crit;auth.info /var/adm/messages
And then restart syslogd. It should then log any time a user logged in,
whether successfuly or not, to your messages.
Normally though this information is kept in a seperate file to keep down
clutter in the messages, and is placed in /var/log/authlog. If you want
to do it that way just change the /var/adm/messages above to
/var/log/authlog.
Hope this helps!
Marc W.
On Mon, 2003-08-25 at 12:08, Hong Tian wrote:
> Hi,
> We have a Solaris 8 server which is running openssh-3.4p1. If a user logs in
> the server using SSH with incorrect password, syslogd will record the log
> information on /var/admin/messages file. But I also need the log information
> (which user from which host at what time) even a user log in with correct
> password. Could I set up it by sshd_config? Anyone knows where can I find
> such SSH user log information with successful login?
>
> Thanks for your help.
> Hong
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Turner, Carl H [NTWK SVCS]: "RE: ssh-add and passphrase"
- In reply to: Hong Tian: "log files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
