Logging¶
We leverage the logging capabilites of OpenSSH. It can use syslog
,
and since we (might) run the sftp-server
in a chroot environment,
the syslog socket /dev/log
is not found.
Here are a few steps to create it. Let’s say we want to get the logs
for the user john. Create the directory /ega/inbox/john/dev
(since /ega/inbox/john
is the home directory for john
).
Install rsyslod
, and configure it by creating the file
/etc/rsyslog.d/sftp.conf
with
# create additional sockets for the sftp chrooted users
module(load="imuxsock")
input(type="imuxsock" Socket="/ega/inbox/john/dev/log" CreatePath="on")
# log internal-sftp activity to sftp.log
if $programname == 'internal-sftp' then /var/log/sftp.log
& stop
This will create the /dev/log
socket in the environment where the
ssh daemon in running (ie, in john’s home directory).
Finally, you can update the LogLevel setting in the
/etc/ega/sshd_config
configuration file, or pass it as
command-line argument with -o LogLevel=<level>
. INFO
and
VERBOSE
are useful examples of LogLevel.
You should now see the logs in /var/log/sftp.log
.
Note
While compiling and installing use make && make install
,
you can see more output information by compiling the ega-sshd with
more output, using make debug1
, make debug2
or make
debug3
.