Re: logging file names with sftp

Hi Darren - thanks for the reply!

The so-called "normal" logging is working - the problem is it's tragically

We store IP information on the server. In addition, it's not possible to have
security without accountability.

I was able to modify sftp-server.c to our needs, i.e., basically log every
sftp command issued - including the names of the files transferred - tagged
with user name and stored in a seperate log file.

If anyone is interested in what I did I would more than happy to share it -
otherwise I won't bore you to death.

In short, I solved the my problem and thanks!

-- Cinaed

On Wed, Sep 2, 2009 at 6:27 PM, Darren Tucker<dtucker@xxxxxxxxxx> wrote:
Agile Aspect wrote:

Hi - I' m trying to log file names of the files which are transferred
(basically in the same manner as vsftp, proftpd, etc.) but regardless
of how high I turn on debugging, the file name won't show up!

How did you try configuring it?

Basically you just need to add the -l and -f options to the sftp-server line
in sshd_config to specify the appropriate syslog level and facility and
restart sshd to pick up the changes.  See sftp-server(8) man page for
details.  syslog will also need to be configured appropriately.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
   Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

"We are drowning in information and starving for knowledge."

Rutherford D. Roger