On Tue, Apr 4, 2023 at 6:10 AM Damien Miller <djm@xxxxxxxxxxx> wrote:
>
> On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote:
>
> > > We've been asked about this a number of times before - the problem is
> > > that utmp is really set up to record interactive logins that have a
> > > TTY/PTY assigned. There is AFAIK no real standard for recording
> > > "service logins" (e.g. sftp or SSH command execution w/o TTY) in utmp
> > > and many OS utmp implementations lack fields by which this could be
> > > communicated.
> > >
> > > IIRC we toyed with recording something fake like "sftp" in ut_line
> > > but that caused problems as none of the other tools were set up to
> > > accept it.
> >
> > sftp has some awkward limitations, as does scp. It's why I prefer where
> > possible to use rsync-over-SSH, and we can restrict the rsync options
> > quite heavily. It's even possible to chroot wrap, though that toolkit
> > has not been well maintained.
>
> rsync doesn't solve the problem being presented here, as it runs without
> a PTY and so never ends up being recorded in utmp either.

rsync over SSH can be configured in sshd_config to record the use of
public SSH keys. I don't normally set up such a restricted service on
the standard SSH daemon or the standard SSH port, mostly to keep the
logs very distinct.
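
Added example, not part of the original message and not OpenSSH code: since sessions without a PTY never reach utmp, the sketch below audits public-key logins from sshd's log instead, grouping them by user and key fingerprint. It assumes sshd writes its usual "Accepted publickey ..." line to the auth log; the sample lines, host, users, addresses and fingerprints are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in the syslog form sshd uses for successful logins.
# Host, users, addresses and fingerprints are made up for this example.
SAMPLE_LOG = """\
Apr  4 06:01:12 backup1 sshd[2211]: Accepted publickey for rsyncer from 192.0.2.10 port 50122 ssh2: ED25519 SHA256:AAAAconstructedFingerprintOne0000000000000000
Apr  4 06:03:40 backup1 sshd[2290]: Accepted password for alice from 198.51.100.7 port 40100 ssh2
Apr  4 06:05:02 backup1 sshd[2315]: Accepted publickey for rsyncer from 192.0.2.11 port 50388 ssh2: ED25519 SHA256:AAAAconstructedFingerprintOne0000000000000000
Apr  4 06:09:55 backup1 sshd[2402]: Accepted publickey for deploy from 203.0.113.5 port 61000 ssh2: RSA SHA256:BBBBconstructedFingerprintTwo0000000000000000
Apr  4 06:10:01 backup1 sshd[2402]: Disconnected from user deploy 203.0.113.5 port 61000
"""

# Matches only successful public-key authentications; password logins and
# disconnect lines are skipped.
ACCEPTED = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Accepted publickey for (?P<user>\S+) "
    r"from (?P<addr>\S+) port (?P<port>\d+) ssh2: "
    r"(?P<keytype>\S+) (?P<fingerprint>SHA256:\S+)"
)


def parse_key_logins(text):
    """Return one dict per successful public-key login found in text."""
    return [m.groupdict() for line in text.splitlines()
            if (m := ACCEPTED.search(line))]


def summarize_by_key(events):
    """Group logins by (user, fingerprint): login count and source addresses."""
    summary = defaultdict(lambda: {"count": 0, "sources": set()})
    for ev in events:
        entry = summary[(ev["user"], ev["fingerprint"])]
        entry["count"] += 1
        entry["sources"].add(ev["addr"])
    return {key: {"count": val["count"], "sources": sorted(val["sources"])}
            for key, val in summary.items()}


if __name__ == "__main__":
    report = summarize_by_key(parse_key_logins(SAMPLE_LOG))
    for (user, fp), info in report.items():
        print(f"{user} {fp} logins={info['count']} from={','.join(info['sources'])}")
```

A key that suddenly appears from a new source address, or for a different user, stands out in this summary even though `who` and `last` show nothing for the session.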