Networking
Showing results for 
Search instead for 
Do you mean 

How do I log filenames in when a person uses scp or sftp

SOLVED
Go to Solution
Respected Contributor

How do I log filenames in when a person uses scp or sftp

[ Edited ]

Hi ,

Am unable to log scp sessions , files scp'd from one location to other for hpux 11iv2 .

Have tried ssh_config. And the lines, 
SyslogFacility LOCAL3
LogLevel INFO

 

started syslog , but not getting logged .

 

 

P.S. This thread has been moved from HP-UX > System Administration to HP-UX > networking. - Hp Forum Moderator

2 REPLIES
Honored Contributor [Founder]

Re: How do I log filenames in when a person uses scp or sftp

ssh_config is the configuration file for the SSH client. It has no effect at all on incoming connections, and does not support keywords SyslogFacility nor LogLevel.

 

You'll need to edit sshd_config instead, and restart the main sshd daemon after making your changes.

Even so, the OpenSSH-style scp command is just piping the data over a SSH connection from one scp process to another: the sshd daemon will only see the command line used to start the scp command in remote mode, and cannot log more than that. The scp command itself has no facilities for logging at all.

 

However, if the other endpoint uses a SSH implementation that is not based on OpenSSH, it may actually use the SFTP protocol with a scp-style user interface. In that case, you can log all the file transfer operations by adding appropriate logging options to the Subsystem line in the sshd_config file. See "man sftp-server" for a list of available options.

 

Restarting the syslog daemon is only needed if you make changes to /etc/syslog.conf (and even so, restarting is overkill: sending a "kill -HUP" to the running syslogd process to make it re-read its configuration file is normally sufficient.)

 

If you modify /etc/syslog.conf, please note this recent thread too:

http://h30499.www3.hp.com/t5/System-Administration/Redirect-ssh-messages/m-p/6231513

MK
Highlighted
Respected Contributor

Re: How do I log filenames in when a person uses scp or sftp

Thanks Matti .