Re: logging file names with sftp

From: Agile Aspect <agile.aspect@xxxxxxxxx>
Date: Wed, 2 Sep 2009 22:34:18 -0700

Hi Darren - thanks for the reply!

The so-called "normal" logging is working - the problem is it's tragically
incomplete.

We store IP information on the server. In addition, it's not possible to have
security without accountability.

I was able to modify sftp-server.c to our needs, i.e., basically log every
sftp command issued - including the names of the files transferred - tagged
with user name and stored in a seperate log file.

If anyone is interested in what I did I would more than happy to share it -
otherwise I won't bore you to death.

In short, I solved the my problem and thanks!

-- Cinaed

On Wed, Sep 2, 2009 at 6:27 PM, Darren Tucker<dtucker@xxxxxxxxxx> wrote:

Agile Aspect wrote:

Hi - I' m trying to log file names of the files which are transferred
(basically in the same manner as vsftp, proftpd, etc.) but regardless
of how high I turn on debugging, the file name won't show up!

How did you try configuring it?

Basically you just need to add the -l and -f options to the sftp-server line
in sshd_config to specify the appropriate syslog level and facility and
restart sshd to pick up the changes. See sftp-server(8) man page for
details. syslog will also need to be configured appropriately.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

--
"We are drowning in information and starving for knowledge."

--
Rutherford D. Roger

Follow-Ups:
- Re: logging file names with sftp
  - From: Darren Tucker
- Re: logging file names with sftp
  - From: Derek Martin

References:
- logging file names with sftp
  - From: Agile Aspect
- Re: logging file names with sftp
  - From: Darren Tucker

Prev by Date: Re: logging file names with sftp
Next by Date: Re: logging file names with sftp
Previous by thread: Re: logging file names with sftp
Next by thread: Re: logging file names with sftp
Index(es):
- Date
- Thread

Relevant Pages

Re: logging file names with sftp
... security without accountability. ... I was able to modify sftp-server.c to our needs, i.e., basically log every ... for local user dtucker from ... Good judgement comes with experience. ...
(SSH)
help with LDIF syntax - modifying AD schema
... modify the AD schema. ... MyController - masterID, masterName. ... classes to add to the schema. ... specify the log file path via the -j option. ...
(microsoft.public.windows.server.active_directory)
Re: ldifde syntax - mail-enabling / create Mailbox for an existing AD user
... Unfortunately I'm having some syntax issues and can't make this work. ... I create an account with a password via "dsadd" and I'm ... to be able to modify the account via ldifde to mail-enable it. ... specify the log file path via the -j option. ...
(microsoft.public.exchange2000.admin)
Re: Ldifde -i -f error
... i went to GPO password policy and disabled complecity and minimum password lenth and still get the same errror.. ... changetype: modify ... specify the log file path via the -j option. ...
(microsoft.public.win2000.active_directory)
import user in window 2003 ldifde
... i went to GPO password policy and disabled complecity and minimum password lenth and still get the same errror.. ... changetype: modify ... specify the log file path via the -j option. ...
(microsoft.public.exchange2000.active.directory.integration)