PDA

View Full Version : Chroot SFTP Session Logging



noelpaul
21-Feb-2013, 09:01
Hi All,

I have configured my SLES 11 SP 1 server to perform chrooted SFTP session which works fine. I'm trying get internal-sftp to log the actual sftp session. Has anyone been able to do this or can anyone point me to a doc. that contains the info.

Currently my /etc/ssh/sshd_config looks has the following:

Subsystem sftp internal-sftp -f AUTH -l VERBOSE

Match group sftponly
ChrootDirectory /u01/sftp-chroot/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp -f AUTH -l VERBOSE


Thanks.

noelpaul
22-Feb-2013, 02:49
After doing a bit more research, all I had to do was create a domain socket in each chroot user directory. I am using syslog-ng for system logging:

# mkdir /u01/sftp-chroot/<username>/dev
# syslog-ng -a /u01/sftp-chroot/<username>/dev/log

Then modify /etc/syslog-ng/syslog-ng.conf to channel the sftp session logs to wherever you want.