This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Enable logging remote ssh contacts


Le 27/04/2011 20:49, Fokke Nauta a Ãcrit :
Hi,

I don't have any ll in the shell. Not recognized.
So I can't see the
I have syslog-ng running. Should I replace that by autossh?

syslogd must be started before sshd... does it ?

let's try configuring both services differently :

# backup the actual configuration
cygrunsrv -VQ syslogd > syslogd.cfg
cygrunsrv -VQ sshd > sshd.cfg

# stop the services
cygrunsrv -E syslogd
cygrunsrv -E sshd

# remove the services
cygrunsrv -R syslogd
cygrunsrv -R sshd

# reconfigure the services using the .cfg parameters if different

# -y tcpip may be added but in this case, sshd should depend on
# syslogd sshd (see the alternative below)
cygrunsrv -I syslogd -p /usr/sbin/syslogd \
-d "CYGWIN syslog daemon" -u LocalSystem -w ''

# since tcpip doesn't start too early, syslogd has the time
# to start before sshd does...
cygrunsrv -I sshd -p /usr/sbin/sshd -a "-D" \
-d "CYGWIN ssh daemon" -f "8022" -u cyg_server -w <password> \
-y tcpip -e "CYGWIN=tty" # ntsec if XP, tty isn't necessary.

# alternative, don't touch the syslogd service but provide it
# as an sshd depedency...
cygrunsrv -I sshd -p /usr/sbin/sshd -a "-D" \
-d "CYGWIN ssh daemon" -f "8022" -u cyg_server -w <password> \
-y tcpip -y syslogd -e "CYGWIN=tty" # ntsec if XP, tty isn't necessary.

# start the services
cygrunsrv -S syslogd
cygrunsrv -S sshd

although, permission check (under vista at least, don't know under XP)

somebody@somewhere /var/log
v2$ ls -ld . messages
drwxrwxrwx+ 1 somebody None       0 Mar 31 00:38 .
-rw-rw-r--+ 1 SYSTEM   root 3495748 Apr  3 15:26 messages
----------^ note the + here => acl

somebody@somewhere /var/log
v2$ getfacl . messages
# file: .
# owner: somebody
# group: None
user::rwx
group::rwx
group:root:rwx
group:SYSTEM:rwx
mask:rwx
other:rwx
default:user::rwx
default:group::rwx
default:group:root:rwx
default:group:SYSTEM:rwx
default:group:Utilisateurs:r-x
default:mask:rwx
default:other:rwx

# file: messages
# owner: SYSTEM
# group: root
user::rw-
group::rw-
group:Utilisateurs:r-x
mask:rwx
other:r--

at last, I prefer the VERBOSE log level than the info one :

somebody@somewhere /var/log
v2$ grep Level /etc/sshd_config
LogLevel VERBOSE


Regards,

Cyrille Lefevre
--
mailto:Cyrille.Lefevre-lists@laposte.net



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]