Re: openssh-5.0p1: sftp transfer logging doesn't appear to work with
(OpenSSH Development forums, Networking and Network Related category)
On Fri, May 2, 2008 at 2:40 PM, Damien Miller <djm@mindrot.org> wrote:
> On Thu, 1 May 2008, john wrote:
>
> > Hi all,
> >
> > I am running Debian Etch. I've compiled openssh-5.0p1 with pam
> > support. I'd like to use a chrooted sftp environment for my users and
> > also log their sftp file transfers. Currently file transfer logging
> > stops working when I implement a jail. Logging from within the chroot
> > seems like a useful feature. I hope it makes it in sooner rather than
> > later.
>
> Have you tried creating a /dev directory in the chroot and arranging
> for syslogd to listen on /dev/log there?
>
> -d
>

No, that doesn't seem to work for me. I think that the problem is that
when there is no chroot the internal-sftp server handles logging, but when
I define the chroot the logging and transaction duties are handed back
to sshd.

Without chroot:

May 2 16:10:27 slocker internal-sftp[8430]: stat name "/home/flyboy2"
May 2 16:10:35 slocker internal-sftp[8430]: open "/home/flyboy2/z.ico" flags WRITE,CREATE,TRUNCATE mode 0700
May 2 16:10:35 slocker internal-sftp[8430]: close "/home/flyboy2/z.ico" bytes read 0 written 7110

With chroot:

May 2 16:19:20 slocker sshd[8751]: Accepted keyboard-interactive/pam for flyboy2 from 10.1.3.233 port 58861 ssh2
May 2 16:19:20 slocker sshd[8751]: (pam_unix) session opened for user flyboy2 by (uid=0)
May 2 16:19:20 slocker sshd[8754]: Changed root directory to "/home"
May 2 16:19:42 slocker sshd[8751]: (pam_unix) session closed for user flyboy2

sshd doesn't log the sftp transactions happening inside the chroot
directory. I tried to force logging using a Subsystem declaration
inside a match option, but that's illegal apparently.

It would be really useful to both jail and log users. For instance, we
have placed our students into jails by graduation year and controlled
access using "MATCH Group". That works very well. It just breaks
logging, which is a must-have for this scenario.

Thanks for your replies.
John
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev
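
An added example, not part of the original post and not OpenSSH code: a small audit check run over the two log excerpts quoted above. It extracts transfer records from internal-sftp "close" lines and reports chroot directories that were entered without any internal-sftp record before the session closed. The function names are hypothetical, and the gap check assumes sessions are not interleaved in the log.

```python
import re

# Log lines copied from the post above: one session without chroot, one with.
NO_CHROOT = '''\
May 2 16:10:27 slocker internal-sftp[8430]: stat name "/home/flyboy2"
May 2 16:10:35 slocker internal-sftp[8430]: open "/home/flyboy2/z.ico" flags WRITE,CREATE,TRUNCATE mode 0700
May 2 16:10:35 slocker internal-sftp[8430]: close "/home/flyboy2/z.ico" bytes read 0 written 7110
'''
WITH_CHROOT = '''\
May 2 16:19:20 slocker sshd[8751]: Accepted keyboard-interactive/pam for flyboy2 from 10.1.3.233 port 58861 ssh2
May 2 16:19:20 slocker sshd[8751]: (pam_unix) session opened for user flyboy2 by (uid=0)
May 2 16:19:20 slocker sshd[8754]: Changed root directory to "/home"
May 2 16:19:42 slocker sshd[8751]: (pam_unix) session closed for user flyboy2
'''

LINE = re.compile(r'^(\w{3} +\d+ [\d:]{8}) (\S+) ([\w-]+)\[(\d+)\]: (.*)$')
CLOSE = re.compile(r'^close "(.*)" bytes read (\d+) written (\d+)$')
CHROOT = re.compile(r'^Changed root directory to "(.*)"$')

def parse(text):
    """Yield (timestamp, host, program, pid, message) for each syslog line."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3), int(m.group(4)), m.group(5)

def transfers(text):
    """Return [(path, bytes_read, bytes_written)] from internal-sftp close records."""
    out = []
    for _, _, prog, _, msg in parse(text):
        m = CLOSE.match(msg) if prog == "internal-sftp" else None
        if m:
            out.append((m.group(1), int(m.group(2)), int(m.group(3))))
    return out

def unaudited_chroots(text):
    """Return chroot dirs with no internal-sftp record before the next session close."""
    # Assumption: sessions are not interleaved, so log order alone pairs the events.
    gaps, pending = [], None
    for _, _, prog, _, msg in parse(text):
        m = CHROOT.match(msg)
        if prog == "sshd" and m:
            pending = m.group(1)
        elif prog == "internal-sftp":
            pending = None
        elif "session closed" in msg and pending is not None:
            gaps.append(pending)
            pending = None
    return gaps
```
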