Re: SSH Logging in Windows? (Using cygwin)

From: Pierre Rouleau <p_rouleau@xxxxxxxxxxxx>
Date: Tue, 25 Sep 2007 19:43:23 -0400

I will try to help.

You can install syslog-ng in CygWin. The logins will then appears into the default syslog /var/log/messages, but there is not logouts log.

The others points aren't really possibles.
You can't log the traffic because it's encrypted, unless the packet travel one more hop in which case you can use a common network sniffer (like WireShark), but you can't distinguish what come from or go to a SSH's pipe from the rest of the local traffic.
You can get a "log" some commands by copying the .history file IF a shell is used and if it create one. scp and sftp are some example that will not be logged and you will not known which files have been copied (in or out).

P.Rouleau

At 11:13 2007-09-24, you wrote:

Hi all,

I have set SSH up on my Windows XP Home Edition computer some time ago. I
wanted to be able to log all incoming and outgoing SSH traffic / commands
issued to the server to a file. Currently, SSH is logging to Windows and the
log can be view from Windows Event Viewer. This is not what I want and I was
hoping to sort of 're-direct' the data to a log file somewhere (like say the
sshd.log file which isn't being used at the moment). I am unable to find a
guide on it at all on this, and I hope someone can help me. Thanks in
advance!
----------------------------
Windows XP Home Edition
256 MB RAM
Running SSH 4.7p1-2 on Cygwin. (Package retrieved from Cygwin repository at
sourceforge.net)
--
View this message in context: http://www.nabble.com/SSH-Logging-in-Windows--%28Using-cygwin%29-tf4503918.html#a12844983
Sent from the SSH (Secure Shell) mailing list archive at Nabble.com.

References:
- SSH Logging in Windows? (Using cygwin)
  - From: skylive

Prev by Date: SSH Logging in Windows? (Using cygwin)
Next by Date: SSH passphrase authentication
Previous by thread: SSH Logging in Windows? (Using cygwin)
Next by thread: SSH passphrase authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: OpenSSH, Telnet, Windows Authentication and double-hops
... >> ssh -L) ... JM> in seperate DOS console windows in this order: ... I'm using the 3.8 version of OpenSSH. ... >> Kerberos ticket, or your password in order to acquire one. ...
(comp.security.ssh)
Re: OpenSSH, Telnet, Windows Authentication and double-hops
... >> ssh -L) ... JM> in seperate DOS console windows in this order: ... >> Kerberos ticket, or your password in order to acquire one. ... JM> We're focusing on the OpenSSH for Windows distribution. ...
(comp.security.ssh)
Re: OpenSSH, Telnet, Windows Authentication and double-hops
... deployment on a Windows network. ... Does this mean that you are setting SSH port forwarding ... does not provide the other side with either a Kerberos ticket, ... We're focusing on the OpenSSH for Windows distribution. ...
(comp.security.ssh)
Re: FC6 VPN
... Then you can run any application you would like off the server by simply running it, or if you want to run a whole session, use gnomesession. ... ssh client that supports X forwarding, which is want you want to be looking at. ... SSH allows you to forward any local port to any remote port. ... If you need to connect to, say a windows share, you would forward your local port to the linux server through the ssh tunnel. ...
(Fedora)
Re: Windows GSSAPI ssh connection via cross-realm authentication problems
... acess to the ssh server. ... Windows AD is primary kdc with realm name KDCTEST.COM and hostname ... the windows ssh client computer to be trusted for delegation. ...
(comp.protocols.kerberos)