Re: no sshd log exists

Subject: Re: no sshd log exists
Date: Wed, 1 Mar 2006 16:59:25 -0500
At 11:46 AM -0800 2/28/06, spcatch55 wrote:
> I want to see a log of all users that log in via ssh,
> yet the /var/log/sshd.log file does not exist.  This
> is on a Debian Linux (knoppix 3.4).
>
> /etc/ssh/sshd_config contains this:
>     SyslogFacility AUTH
>     LogLevel INFO
>
> Any ideas of where my configuration is wrong?

You need to check your /etc/syslog.conf file (or equivalent), and see where it is sending 'auth.log' records. If you have a line such as:

auth.info;authpriv.info         /var/log/auth.log

then you may have to create /var/log/auth.log and send a -HUP
signal to the syslogd daemon to get it to re-read the config
file, and notice that the file now exists.  I believe that most
syslogd's require that the file already exist before they will
write any log records to them.

Note that you will probably want special permissions on that
log file, and that you'll want to make sure some process is
periodically checking the file and rotating it if necessary.

--
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
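
The check described in the reply above, as an added example that is not part of the original thread: it reads a classic syslog.conf, lists the files that receive auth.info messages (what sshd emits with the settings quoted), and reports which of them do not exist yet. The function names, the sample config, the 640 mode and the pid file path are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Classic syslog.conf syntax assumed.

# Print file destinations that receive facility "auth" at level "info".
# Argument: path to a syslog.conf, or "-" to read it from stdin.
auth_info_targets() {
    awk '
    /^[ \t]*#/ || NF < 2 { next }           # skip comments and blank lines
    {
        hit = 0
        n = split($1, sel, ";")              # selectors are ;-separated
        for (i = 1; i <= n; i++) {
            dot = index(sel[i], ".")
            if (dot == 0) continue
            fac = substr(sel[i], 1, dot - 1) # may be a comma list or "*"
            pri = substr(sel[i], dot + 1)
            if (("," fac ",") !~ /,(auth|\*),/) continue
            if (pri == "none") { hit = 0; continue }  # later "none" excludes
            # a selector matches its level and above, so only these
            # three catch an info-level message
            if (pri == "debug" || pri == "info" || pri == "*") hit = 1
        }
        act = $2; sub(/^-/, "", act)         # "-" prefix only disables sync
        if (hit && act ~ /^\//) print act    # keep plain file actions
    }' "${1:--}"
}

# Print those destinations that do not exist yet.
missing_auth_logs() {
    auth_info_targets "$1" | sort -u | while read -r f; do
        [ -e "$f" ] || printf '%s\n' "$f"
    done
}

# Constructed sample config, for demonstration only.
sample_conf() {
    cat <<'EOF'
auth.info;authpriv.info         /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
mail.info                       /var/log/mail.log
auth.notice                     /var/log/auth-notice.log
EOF
}

sample_conf | auth_info_targets -
# For each file reported by: missing_auth_logs /etc/syslog.conf  (as root)
#   touch /var/log/auth.log && chmod 640 /var/log/auth.log  # mode assumed
#   kill -HUP "$(cat /var/run/syslogd.pid)"                 # pid path assumed
```

On the sample, only /var/log/auth.log is reported: the `*.*` line excludes auth with `none`, and `auth.notice` is too high a threshold to catch info-level records.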
