On 2018-03-05, Stuart Henderson wrote:
> On 2018-03-05, Lars Noodén wrote:
>> I'm not able to get sshd(8) to use alternative loglevels, such as Debug3.
>>
>> When sshd(8) starts, it goes through the normal reporting regardless
>> of which LogLevel is set in sshd_config(5). Here is an excerpt from
>> /var/log/authlog showing the daemon starting and a first connection
>> from outside:
>
> The default for /var/log/authlog is auth.info. To get these through
> syslogd, you'll need something with .debug instead.
Ah ha. I hadn't looked there. Thanks for the patience.
$ grep -i authlog /etc/syslog.conf
auth.info /var/log/authlog
> (btw, some of the higher-level debug for SSH is fairly sensitive, you might
> prefer to log it to memory buffers rather than disk
That explains the syslogd(8) auth.info default.
> - set the -s flag to
> syslogd and then you can do things like "*.* :64:debug" and watch with
> "syslogc -f debug").
Neat.
It is clear now and I know what to do. Thanks.
/Lars
No comments:
Post a Comment