Re: log files

From: Marc W. (marc_at_packetfilter.org)
Date: 08/25/03

  • Next message: Turner, Carl H [NTWK SVCS]: "RE: problem with X forwarding"
    To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
    Date: 25 Aug 2003 14:48:49 -0400
    
    
    

    Hi Hong,

    The easiest way to do this is to add in the following lines into your
    /etc/syslog.conf file:

    auth.notice;auth.crit;auth.info /var/adm/messages

    And then restart syslogd. It should then log any time a user logged in,
    whether successfuly or not, to your messages.

    Normally though this information is kept in a seperate file to keep down
    clutter in the messages, and is placed in /var/log/authlog. If you want
    to do it that way just change the /var/adm/messages above to
    /var/log/authlog.

    Hope this helps!
    Marc W.
    On Mon, 2003-08-25 at 12:08, Hong Tian wrote:
    > Hi,
    > We have a Solaris 8 server which is running openssh-3.4p1. If a user logs in
    > the server using SSH with incorrect password, syslogd will record the log
    > information on /var/admin/messages file. But I also need the log information
    > (which user from which host at what time) even a user log in with correct
    > password. Could I set up it by sshd_config? Anyone knows where can I find
    > such SSH user log information with successful login?
    >
    > Thanks for your help.
    > Hong

    
    



  • Next message: Turner, Carl H [NTWK SVCS]: "RE: problem with X forwarding"