Re: Log ssh sessions using open source tools

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 11/03/2018 06:08 PM, Kaushal Shriyan wrote:
> Are there any open source tools to keep track of ssh sessions? For example,
> if a specific user is ssh logging to remote server and what commands or
> scripts are being run. Basically, i need to log all users sessions.

Which part of the remote connection is the one you need audited? The
system(s) your users are ssh'ing *out* of, resp. the users themselves
("we need to review what our staff did to whatever customer system they
did support on"), the ones they're ssh'ing *into*, or just some subset
("privileged commands") of the activity on the latter?

For the last case, the use of individual accounts, "sudo", suitable
configurations(*), and the "sudoreplay" tool might give you out of the
box what OpenSSH alone would need to be heavily modified to do.

(*) Namely, making sshd log enough information to identify the incoming
users and making sudo use an I/O logging plugin.

https://www.sudo.ws/man/1.8.25/sudoers.man.html#I/O_LOG_FILES

Regards,
-- 
Jochen Bern
Systemingenieur

www.binect.de
www.facebook.de/binect

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux