Mustafa.
You are right. Regardless the log file name you define in the ssh service, it doesn't take it into account. The only difference between your system and mine is that, although not having TCPIP$SSH_RUN.LOG (the 'official' log file name), whenever I shutdown and start the service, a new version of that file is created (I have done some tests deleting my current TCPIP$SSH_RUN.LOG files and seen that the first version of this file is created and the information logged, although I had defined a different log file name).
I have checked the TCPIP$SYSTEM:TCPIP$SSH_RUN.COM file to see any references to the log file and it seems that it checks for the presence of TCPIP$SSH_RUN.LOG file as a log file, but it's not clear what it does when this file is not at that directory (although in the practice it is created).
I have discovered (from the SYS$MANAGER:TCPIP$CONFIG.COM file) that the syntax to define the log file is slightly different as I told you. It should be:
$UCX SET SERVICE SSH/LOG=(FILE:TCPIP$SSH_DEVICE:[TCPIP$SSH]SSHD.LOG,ALL)
I have tested with this definition and no changes from the previous tests.
I don't know why your system doesn't create, at least, the default log file TCPIP$SSH_RUN.LOG. Perhaps:
* A file protection problem? -enable security alarms whenever starting the service-.
* A TCPIP version problem?. My version is:
HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 6 on a AlphaServer 4000 5/400 4MB running OpenVMS V7.3-2
If I find more information I'll let you knos.
Regards.
Ana
