From owner-freebsd-questions@FreeBSD.ORG Tue Jul 24 17:28:42 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 210A816A421 for ; Tue, 24 Jul 2007 17:28:42 +0000 (UTC) (envelope-from jjfitzgerald@gmail.com) Received: from fk-out-0910.google.com (fk-out-0910.google.com [209.85.128.184]) by mx1.freebsd.org (Postfix) with ESMTP id A1BA713C442 for ; Tue, 24 Jul 2007 17:28:41 +0000 (UTC) (envelope-from jjfitzgerald@gmail.com) Received: by fk-out-0910.google.com with SMTP id b27so226573fka for ; Tue, 24 Jul 2007 10:28:40 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=lFWyTNx/5HUsjI2cXiDORJwVS43NAs9/JeAFAhLS6vifPYyOreC2WhMksbHWfHE5UZGTzC4jC3Rw36HaMez5D/ax+xjBQWl0ZQOvlu8RhKd7gDarldfFSp1Gj6OvwHEMJjsNTzyBiQU5Xo1PkyAka7OL0SMBwWcLY4/7Z3GV8qc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=W9QjHCbLwZbCNZmDQJqvTLrEgeUAspWv3CQzG6lV3RxSApjEJuiAgtpW2cWUTfJp4j+2Teftii8cz1GrzBt7qo1Bz3LPHY87uzmbsy/RBZtSdgERitOhzK1J5AInfWC6oP1WqqNGjAFg42t7DBpFSt5R4z7zJT5XFkmZyGvIYYY= Received: by 10.82.136.4 with SMTP id j4mr3492519bud.1185298119941; Tue, 24 Jul 2007 10:28:39 -0700 (PDT) Received: by 10.82.162.9 with HTTP; Tue, 24 Jul 2007 10:28:39 -0700 (PDT) Message-ID: <5e49673f0707241028nac3c3d8va28e1f9c8b617865@mail.gmail.com> Date: Tue, 24 Jul 2007 13:28:39 -0400 From: "John Fitzgerald" To: "Ian Lord" In-Reply-To: <050b01c7ce16$960a0570$6400a8c0@msdi.local> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <050b01c7ce16$960a0570$6400a8c0@msdi.local> Cc: freebsd-questions@freebsd.org Subject: Re: Root access loggin X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2007 17:28:42 -0000 You can patch bash to log commands to syslog/remote/etc: http://64.233.169.104/search?q=cache:y0SGTs8EoTYJ:www.linux.it/~carlo/somehacks/bup/bash-2.05b-syslog_udp01.patch+bash+perassi&hl=en&gl=us&strip=1 I set this up on a few machines and it's not too hard. You can also run a cron job to see when/who is logged in (w + netstat, for instance) and then send an email/text message, so he can't login and get rid of the logger without you knowing it. Or for the more elaborate setup: http://www.honeynet.org/tools/sebek On 7/24/07, Ian Lord wrote: > Hi, > > > > A Zend technician asked me to have a root access on one of my box to > troubleshoot something wrong in Zend Platform installation that doesn't work > on Freebsd. > > > > He will need root access naturally to install and debug remotely. > > > > Is there a way to log all the commands he will type and send them in a > logfile ? > > > > Or is there a better solution than granting him root access from ssh ? > > > > Thanks > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >