|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| UNIX for Advanced & Expert Users Advanced UNIX and Linux questions go here. Expert-to-Expert. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Control and keep an eye on many VNC sessions at once | iBot | UNIX and Linux RSS News | 0 | 04-30-2008 01:30 AM |
| Users Are Getting Kicked out of 2Hr Sessions | Sarccastik Dude | AIX | 2 | 07-23-2007 07:07 PM |
| Creating multiple sessions | stevefox | Shell Programming and Scripting | 2 | 04-07-2006 08:37 AM |
| AIX Login sessions | rramanuj | AIX | 1 | 05-16-2005 05:21 AM |
| C programming sessions | eleia | High Level Programming | 1 | 03-25-2002 09:14 PM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
|
#1
11-06-2007
|
||||
|
||||
|
How to monitor SSH sessions
Hi All
Is it possible to log and monitor user activities in a SSH session. Is there any configuration or a patch to apply ?. Im currently using OpenSSH with AIX 5.3L and my syslog.conf includes auth.* /var/log/sshd/auth.log and in sshd_config it shows SysLogFacility AUTH LogLevel VERBOS but no log file can find under /var/log/sshd can anyone help me regarding this Thank You -Anuradha 
|
| Forum Sponsor | ||
|
|
|
#2
11-06-2007
|
||||
|
||||
|
This is how you can do it
1) Change the users shell to something else like /bin/myscript (a script that you will write) 2) That script will actually log everything in a text file (in a weird place that he wont be able to guess) and process all the commands from the shell he/she was using earlier So basically its a wrapper around the shell 3) Stop user to change shells using sudo or other means Basically this is not a foolproof plan as the user will be able to change the file since he will have the same access rights as the logshell Let me think if there is another way of doing it ~Sage Last edited by s4g3; 11-06-2007 at 06:27 AM.
|
|
#4
11-08-2007
|
||||
|
||||
|
Thank you very much for your replies sage...
 I created a script and pointed it as my default shell.. also i added the script location to /etc/shells but chsh <user> /usr/bin/myscript failled with 3004-635 Error setting shell for "anu" to "/usr/bin/wrap" : Value is invalid. the script works fine and can my script work as a shell ? here is the script #! /bin/ksh OPERATION= LOGFILE="./log" OPTIONS="$@" echo "`date` + `whoami` + $OPTION "$@"" >> $LOGFILE exec $OPERATION "$@" Thank You -Anuradha
|
|
#5
10-02-2008
|
|||
|
|||
|
Allowing a custom script as a shell in AIX
A little untimely given how long ago you posted this but for those who follow:
You have to edit the allowable shells in your /etc/security/login.cfg usw: shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/bin/ksh93,/usr/bin /sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/bin/ rksh,/usr/bin/rksh93,/usr/sbin/uucp/uucico,/usr/sbin/sliplogin,/usr/sbin/snappd Add yours to the list. Edit: I noticed that if I made the change directly to the /etc/passwd line then tried the chsh it always gave me the "Value is invalid" error even if I put in a normal shell like /bin/ksh, so if you made the change manually prior you have to correct it first before using the kosher method... Last edited by low351; 10-02-2008 at 09:44 AM.
|
|||
| Google The UNIX and Linux Forums |
Linear Mode
