Date: Thu, 23 Apr 1998 15:14:37 -0400 From: Gary Schrock <root@eyelab.psy.msu.edu> To: Jan Koum <jkb@best.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: any way to make ssh logins log to messages? Message-ID: <199804231912.PAA08936@eyelab.psy.msu.edu> In-Reply-To: <Pine.BSF.3.96.980423114611.2715B-100000@shell6.ba.best.com > References: <199804231712.NAA08084@eyelab.psy.msu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:50 AM 4/23/98 -0700, you wrote:
> Of course. Look at /etc/sshd_config and where it say
>SyslogFacility, change whatever second word is there to AUTH,
> then, add the following line to /etc/syslog.conf:
>auth.* /var/log/authlog
> make sure to use tabs ("man 5 syslog.conf"). Then do "touch
>/var/log/authlog", chown it the way you like it, chmod to 640 and restart
>syslogd (or HUP it -- "man kill").
> BTW, why does by default FreeBSD wouldn't have auth.* in it's
>syslog.conf? Is there a reason for it? Ugh.. this better be asked in
>-security list.
Yup, works like a charm. Hmm, the reason I might have remembered this info
being logged before is I think in 2.1-stable it *was* logged by default, I
guess 2.2-stable dropped that for some reason.
>P.S. -- Don't use root for eMails. :)
Yeah, yeah, it's just too much of a pain to change it at this point :).
Although (and this really would belong on -security) I'd be interested in
hearing exactly why this would really cause any more problems than not
using root. I don't actually read the mail on the system, so I can't think
of any reason it would open things up to problems more.
Gary Schrock
root@eyelab.msu.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804231912.PAA08936>