Re: How do I log filenames in when a person uses scp or sftp (209 Views)
Reply
Valued Contributor
chindi
Posts: 344
Registered: ‎07-24-2008
Message 1 of 3 (245 Views)
Accepted Solution

How do I log filenames in when a person uses scp or sftp

[ Edited ]

Hi ,

Am unable to log scp sessions , files scp'd from one location to other for hpux 11iv2 .

Have tried ssh_config. And the lines, 
SyslogFacility LOCAL3
LogLevel INFO

 

started syslog , but not getting logged .

 

 

P.S. This thread has been moved from HP-UX > System Administration to HP-UX > networking. - Hp Forum Moderator

Please use plain text.
Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 2 of 3 (215 Views)

Re: How do I log filenames in when a person uses scp or sftp

ssh_config is the configuration file for the SSH client. It has no effect at all on incoming connections, and does not support keywords SyslogFacility nor LogLevel.

 

You'll need to edit sshd_config instead, and restart the main sshd daemon after making your changes.

Even so, the OpenSSH-style scp command is just piping the data over a SSH connection from one scp process to another: the sshd daemon will only see the command line used to start the scp command in remote mode, and cannot log more than that. The scp command itself has no facilities for logging at all.

 

However, if the other endpoint uses a SSH implementation that is not based on OpenSSH, it may actually use the SFTP protocol with a scp-style user interface. In that case, you can log all the file transfer operations by adding appropriate logging options to the Subsystem line in the sshd_config file. See "man sftp-server" for a list of available options.

 

Restarting the syslog daemon is only needed if you make changes to /etc/syslog.conf (and even so, restarting is overkill: sending a "kill -HUP" to the running syslogd process to make it re-read its configuration file is normally sufficient.)

 

If you modify /etc/syslog.conf, please note this recent thread too:

http://h30499.www3.hp.com/t5/System-Administration/Redirect-ssh-messages/m-p/6231513

MK
Please use plain text.
Valued Contributor
chindi
Posts: 344
Registered: ‎07-24-2008
Message 3 of 3 (209 Views)

Re: How do I log filenames in when a person uses scp or sftp

Thanks Matti .
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation