I was wondering, is there anyway I can change the appearance of sshd logs output in /var/log/sshderr.log and /var/log/sshd.log. Right now, its showing as such:
I am fine with the results above, but the customer had a weird request to ensure that IP addresses don't show up, instead they want "host names" to appear in the IP address column. Is this even possible?
My host file has a bunch of servers DNS added in it, so it makes sense if I SSH from box A to box B and the ssh logs print out host name instead of IP address. But I don't understand how to make this possible with the rest of the world! I already said no but they're not taking no for an answer
In the Suse box, most parameters in /etc/sshd/sshd_config are already commented out. I am using SUSE Linux Enterprise Server 10 (x86_64)
Appreciate if someone could help me out on this. Thank you
---------- Post updated at 01:13 PM ---------- Previous update was at 12:22 PM ----------
There's been an update for the request above.
So now would it be possible to identify the machine from where user ssh'd into the servers for both successful and failed logins?
it is not a very bright idea to me. you can try with syslog-ng but im not sure.even if you can able to the dns resolution so it requires extra times and may create the tail of the log.you must tell to him.
I agree with you, because already IP addresses are captured and I hate to mess up something I don't know how to fix later. But if I were to do it, how do i go by it? My sshd setting in syslog-ng.conf.in is as such:
Which config file do i add that to...my nsswitch conf file?
---------- Post updated at 11:05 AM ---------- Previous update was at 10:39 AM ----------
hi again ygemici
I edited my options in /etc/syslog-ng/syslog-ng.conf.in and run SuSEconfig command after adding the options you provided but at best I am still getting IPs instead of DNS so I am guessing these IP addresses are not mapped to the DNS of this server
Somehow I think this is impossible to achieve both outputs, I can either have hostname or IP showing. Can you show how me how you manage to get IP and hostname?
Last edited by hedkandi; 04-05-2012 at 11:34 PM..
Reason: typo
Friends,
I made the installation of the ssh in the it conspires,
I configured in the ssh_config the following
parameters..
SyslogFacility AUTH
LogLevel INFO
that should generate sshd.log in the /var/log.... more no this generating.
Somebody could help myself in... (0 Replies)
Hello, I'm a newbie to unix. I just about have the Suse 10.1 installed. During set up it automatically detected components to access the internet. But failed. I lost now.
Any ideas?
Thank You (2 Replies)