Network Security: Detailed info on Re: log scp interactions with openssh

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: log scp interactions with openssh

from [IRCGNet] Network Security

[Permanent Link]

Subject:	Re: log scp interactions with openssh
Date:	Thu, 29 Sep 2005 03:49:24 -0700

Jeff Rosowski wrote:

I'm afraid you do not understand my intention. I do *not* want to disable the filetransfer for users. But I'd like to know what happens on my system. SFTP and shell interactions can be logged. Unfortunately scp not.

The sftplogging patch for openssh is a good idea but can be bypassed by the user with scp. This is my problem.
I use scponly, which is a shell replacement that only allowes scp/sftp file transfers for a user, does logging, and allows you to chroot the user. It also don't require recompiling or doing crazy patches to ssh, which is a nice feature.

We also use scponly and it works great. It allows admins who need the access to specific areas the power they need but nothing more. Check it out if you haven't already. I think you'll find it will suite most organizational needs.

Michael

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
log scp interactions with openssh, diabolo Re: log scp interactions with openssh, Alexander Klimov Re[2]: log scp interactions with openssh, diabolo Re: log scp interactions with openssh, Manu Re[2]: log scp interactions with openssh, Jeff Rosowski Re: log scp interactions with openssh, IRCGNet <=

Previous by Date:	Re[2]: log scp interactions with openssh, Jeff Rosowski
Next by Date:	known_hosts file, gavin . hale
Previous by Thread:	Re[2]: log scp interactions with openssh, Jeff Rosowski
Next by Thread:	Running a script on login, Chris Jensen
Indexes:	[Date] [Thread] [Top] [All Lists]