- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Redirect ssh messages
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 12:27 PM
10-09-2013 12:27 PM
I am running HP-UX 11.31 and trying to redirect ssh messages from the syslog.log to sshlog.log. From a forum discussion I tried the following:
(1) Enable the following lines in /opt/ssh/etc/sshd_config:
SyslogFacility AUTH
LogLevel INFO
(2) Stop sshd using the command /sbin/init.d/secsh stop
(3) Start sshd using the command /sbin/init.d/secsh start
(4) Add the following line to /etc/syslog.conf:
auth.info;mail.none /var/adm/syslog/sshd.log
(5) Change this line in /etc/syslog.conf:
from:
*.info;mail.none /var/adm/syslog/syslog.log
to:
*.info;auth.none;mail.none /var/adm/syslog/syslog.log
(6) Stop syslogd using the command /sbin/init.d/syslogd stop
(7) Start syslogd using the command /sbin/init.d/syslogd start
The ssh messages are no longer appearing in the syslog.log but I do not see the ssh.log. Are the steps I performed valid for HP-UX 11.31? Is there something wrong with the steps I performed?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 01:02 PM
10-09-2013 01:02 PM
SolutionYour steps sound good and are similar to one of the test systems I have access to.
The one caveat is your syslog.conf file. When you added the line for 'auth.info' did you hit the TAB key before specifying the file name? If not, that is your problem. The fields in syslog.conf **MUST** be separated by a TAB and nothing else.
Your line should be:
auth.info;mail.none<hit the TAB key here>/var/adm/syslog/sshd.log
Once you verify / modify that. Try stoppig and restarting syslog again and see what happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 01:15 PM
10-09-2013 01:15 PM
Re: Redirect ssh messages
Patrick,
Thank you for your reply. That resolved the issue. I am now seeing a ssh.log as well as a syslog.log. I will monitor the ssh.log to determine if the ssh messages appear.
Thanks Again,
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2013 01:24 PM - edited 10-09-2013 01:24 PM
10-09-2013 01:24 PM - edited 10-09-2013 01:24 PM
Re: Redirect ssh messages
Excellent news.
The syslog.conf file is the ONLY file I know of with the TAB requirement between fields. That is a very common problem.
To test the messages going to various log files you can always use the logger command.
To test auth.info going to your sshd.log file you can do:
# logger -p auth.info "This is a auth.info test message"
To test regular messages:
# logger "This is a test message"
For more information
# man logger