Sunday, March 16, 2014

Enable Logging for SFTP sessions




To enable logging of your sftp sessions

Replace the susbsystem line in your /etc/ssh/sshd_config with
Subsystem    sftp    /usr/libexec/openssh/sftp-server -f LOCAL5 -l INFO
Add the following to /etc/syslog.conf or  /etc/rsyslog.conf
#sftp logging
local5.*                        /var/log/sftpd.log
Restart the sshd and syslog/rsylog services,
sftp sessions should now be logged to /var/log/sftpd.log
at 5:04 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)