Re: Log ssh sessions using open source tools

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Well, one way might be to have strace active on the ssh process. You can only log program executions like this:

  strace -f -p <pid of process> -v -e execve -o <logfile>

Though you'll need'l to know the parent/child relationships and user IDs, as well as file descriptors, so there should be fork,clone,open,close,openat,dup,dup2,setuid,seteuid,setreuid and perhaps a few others in the set of traced syscalls.

I guess that a "restricted shell" might be another way; or, if you have cooperation of the users involved, a simple "force-command" involving "script" (1) might work as well.

If you are not sure about users' cooperation, you'll need some protected process - like the strace running as uid 0.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux