Date: Wed, 12 Jan 2000 17:07:20 +0100 (MET) From: Richard Nyberg <su98-rin@nada.kth.se> To: Tony Wells <awells@journalstar.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: sshd and syslogd Message-ID: <Pine.GSO.3.95.1000112165941.27850A-100000@musik07.nada.kth.se> In-Reply-To: <387B7288.8A5D24F5@journalstar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You have to put the 'auth.*'line somwhere above the '!startslip' line. The lines beginning with '!' starts a new section. You can also try to log authpriv.* messages. If the file authlog doesn't already exist you must create it before syslog can use it. Just do 'touch /var/log/authlog'. /Richard Tony Wells wrote: > I tried what you suggested, but still don't see messages from sshd in > /var/log/authlog; I still see login failures from telnet in > /var/log/messages. I rebooted the machine after I made the changes just > to make sure everybody read the changed config files. ~> Could I have a conflict in syslog.conf? The contents of syslog.conf are > listed below: > > # $FreeBSD: src/etc/syslog.conf,v 1.9.2.1 1999/08/29 14:19:02 peter Exp > $ > # > # Spaces are NOT valid field separators in this file. > # Consult the syslog.conf(5) manpage. > *.err;kern.debug;auth.notice;mail.crit /dev/console > *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages > mail.info /var/log/maillog > lpr.info /var/log/lpd-errs > cron.* /var/cron/log > *.err root > *.notice;news.err root > *.alert root > *.emerg * > # uncomment these if you're running inn > # news.crit /var/log/news/news.crit > # news.err /var/log/news/news.err > # news.notice > /var/log/news/news.notice > !startslip > *.* /var/log/slip.log > !ppp > *.* /var/log/ppp.log > auth.* /var/log/authlog > > Richard Nyberg wrote: > > > > My configuration: > > > > In sshd_config: > > > > SyslogFacility AUTH > > > > In syslog.conf: > > > > auth.* /var/log/authlog > > > > This puts all sshd messages _and_ all other auth messages in > > /var/log/authlog > > > > /Richard Nyberg > > > > > Does anyone know the magic to get sshd to log to /var/log/messages via > > > syslogd? I'm most interested in seeing the cause of failed connections. > > > > > > TIA > > > Tony Wells > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.3.95.1000112165941.27850A-100000>