Re: intrusion via ssh
From: Roberto C. Sanchez (roberto_at_familiasanchez.net)
Date: 03/31/05
- Previous message: Bob Alexander: "Re: Debian way of integrating out of tree drivers"
- In reply to: Angelina Carlton: "Re: intrusion via ssh"
- Next in thread: Michelle Konzack: "Re: intrusion via ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 31 Mar 2005 14:50:55 -0500 To: debian-user@lists.debian.org
Angelina Carlton wrote:
> On Thu, Mar 31, 2005 at 06:32:37PM +0200, Michelle Konzack wrote:
>
>>Be happy...
>>Today I have gotten more then 3000 of this...
>>18 MByte of "/var/log/sshd.log".
>>
>
>
> Hi Michelle,
> can you descibe to me how to make all sshd activity log
> to /var/log/sshd.log ? My woody server logs it auth.log
> which is fine I suppose but I woul much rather have sshd.log
>
> my sshd_config has:
>
> # Logging
> SyslogFacility AUTH
> LogLevel INFO
>
> I would imagine that needs changing to something, but syslog would need to
> be changed also? and what about logrotate?
>
Change AUTH to LOCAL0 and then modify /etc/syslog.conf to
log the LOCAL0 facility to /var/log/sshd.log
Don't forget setup a log rotation for it (I am not sure if
syslog handles this automatically).
-Roberto
-- Roberto C. Sanchez http://familiasanchez.net/~sanchezr
-- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- application/pgp-signature attachment: OpenPGP digital signature
- Previous message: Bob Alexander: "Re: Debian way of integrating out of tree drivers"
- In reply to: Angelina Carlton: "Re: intrusion via ssh"
- Next in thread: Michelle Konzack: "Re: intrusion via ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
