I was wondering, is there anyway I can change the appearance of sshd logs output in /var/log/sshderr.log and /var/log/sshd.log. Right now, its showing as such:
Code:
sshd[4857]: error: PAM: Authentication failure for it.sysadm from cijXXX.jp.mitsubishi-motors.com
sshd[4249]: Accepted keyboard-interactive/pam for root from 191.255.XXX.XXX port XXXXX ssh2
I am fine with the results above, but the customer had a weird request to ensure that IP addresses don't show up, instead they want "host names" to appear in the IP address column. Is this even possible?
My host file has a bunch of servers DNS added in it, so it makes sense if I SSH from box A to box B and the ssh logs print out host name instead of IP address. But I don't understand how to make this possible with the rest of the world! I already said no but they're not taking no for an answer
In the Suse box, most parameters in /etc/sshd/sshd_config are already commented out. I am using SUSE Linux Enterprise Server 10 (x86_64)
Appreciate if someone could help me out on this. Thank you
---------- Post updated at 01:13 PM ---------- Previous update was at 12:22 PM ----------
There's been an update for the request above.
So now would it be possible to identify the machine from where user ssh'd into the servers for both successful and failed logins?
e.g
Code:
sshd[5655]: Accepted keyboard-interactive/pam for root from 191.255.128.119 priti-pc port 55462 ssh2
Hello, I'm a newbie to unix. I just about have the Suse 10.1 installed. During set up it automatically detected components to access the internet. But failed. I lost now.
Any ideas?
Thank You (2 Replies)
Friends,
I made the installation of the ssh in the it conspires,
I configured in the ssh_config the following
parameters..
SyslogFacility AUTH
LogLevel INFO
that should generate sshd.log in the /var/log.... more no this generating.
Somebody could help myself in... (0 Replies)
Discussion started by: sandba
0 Replies
LEARN ABOUT SUNOS
nislog
nislog(1M) System Administration Commands nislog(1M)NAME
nislog - display the contents of the NIS+ transaction log
SYNOPSIS
/usr/sbin/nislog [-h num | -t num] [-v] [directory...]
DESCRIPTION
nislog displays the contents of the NIS+ server transaction log on the standard output. This command can be used to track changes in the
namespace. The /var/nis/trans.log file contains the transaction log maintained by the NIS+ server. When updates occur, they are logged to
this file and then propagated to replicas as log transactions. When the log is checkpointed, updates that have been propagated to the
replicas are removed.
The nislog command can only be run on an NIS+ server by superuser. It displays the log entries for that server only.
If directory is not specified, the entire log is searched. Otherwise, only those logs entries that correspond to the specified directories
are displayed.
OPTIONS -h num Display num transactions from the ``head'' of the log. If the numeric parameter is 0, only the log header is displayed.
-t num Display num transactions from the ``tail'' of the log. If the numeric parameter is 0, only the log header is displayed.
-v Verbose mode.
FILES
/var/nis/trans.log transaction log
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWnisu |
+-----------------------------+-----------------------------+
SEE ALSO nis+(1), rpc.nisd(1M), nisfiles(4), attributes(5)NOTES
NIS+ might not be supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from NIS+ to LDAP are
available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html.
SunOS 5.10 12 Dec 2001 nislog(1M)
04-04-2012
