Re: Log ssh sessions using open source tools

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi Kaushal,

I'm the author of ssh-mitm (https://github.com/jtesta/ssh-mitm), which is a penetration testing tool for man-in-the-middling SSH connections.

If you can ARP spoof a client (or otherwise route connections for them), and if they ignore the changed host-key warning, then you can record the full connection stream. You will log their passwords as well (it doesn't work for key authentication, though). Full SFTP traffic is captured too.

It might be overkill for what you're trying to do, but I thought I'd mention it.

   - Joe

--
Joseph S. Testa II
Founder & Principle Security Consultant
Positron Security


On 11/3/18 1:08 PM, Kaushal Shriyan wrote:
Hi,

Are there any open source tools to keep track of ssh sessions? For example,
if a specific user is ssh logging to remote server and what commands or
scripts are being run. Basically, i need to log all users sessions.

Thanks in Advance and i look forward to hearing from you.

Best Regards,

Kaushal
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux