HPE Community
Operating System - HP-UX
1752290 Members
4723 Online
108786 Solutions
New Discussion

How do I log filenames in when a person uses scp or sftp

 
SOLVED
Go to solution
chindi
Respected Contributor

‎10-08-2013 05:19 AM - last edited on ‎10-08-2013 07:25 PM by

‎10-08-2013 05:19 AM - last edited on ‎10-08-2013 07:25 PM by

How do I log filenames in when a person uses scp or sftp

Hi ,

Am unable to log scp sessions , files scp'd from one location to other for hpux 11iv2 .

Have tried ssh_config. And the lines, 
SyslogFacility LOCAL3
LogLevel INFO

 

started syslog , but not getting logged .

 

 

P.S. This thread has been moved from HP-UX > System Administration to HP-UX > networking. - Hp Forum Moderator

0 Kudos
Reply
2 REPLIES 2
Matti_Kurkela
Honored Contributor

‎10-10-2013 12:43 AM

‎10-10-2013 12:43 AM

Solution

Re: How do I log filenames in when a person uses scp or sftp

ssh_config is the configuration file for the SSH client. It has no effect at all on incoming connections, and does not support keywords SyslogFacility nor LogLevel.

 

You'll need to edit sshd_config instead, and restart the main sshd daemon after making your changes.

Even so, the OpenSSH-style scp command is just piping the data over a SSH connection from one scp process to another: the sshd daemon will only see the command line used to start the scp command in remote mode, and cannot log more than that. The scp command itself has no facilities for logging at all.

 

However, if the other endpoint uses a SSH implementation that is not based on OpenSSH, it may actually use the SFTP protocol with a scp-style user interface. In that case, you can log all the file transfer operations by adding appropriate logging options to the Subsystem line in the sshd_config file. See "man sftp-server" for a list of available options.

 

Restarting the syslog daemon is only needed if you make changes to /etc/syslog.conf (and even so, restarting is overkill: sending a "kill -HUP" to the running syslogd process to make it re-read its configuration file is normally sufficient.)

 

If you modify /etc/syslog.conf, please note this recent thread too:

http://h30499.www3.hp.com/t5/System-Administration/Redirect-ssh-messages/m-p/6231513

MK
Reply
chindi
Respected Contributor

‎10-10-2013 05:48 AM

‎10-10-2013 05:48 AM

Re: How do I log filenames in when a person uses scp or sftp

Thanks Matti .
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.