On Sat 11 Sep 2021 at 16:02:30 (-0400), Greg Wooledge wrote:
> On Sat, Sep 11, 2021 at 02:44:13PM -0500, David Wright wrote:
> > As I understood the OP's first reply (to yourself), there are
> > remote logs available, not logged locally but sent by email:
> >
> > "/usr/sbin/logwatch --detail
On Sat, Sep 11, 2021 at 02:44:13PM -0500, David Wright wrote:
> As I understood the OP's first reply (to yourself), there are
> remote logs available, not logged locally but sent by email:
>
> "/usr/sbin/logwatch --detail low --mailto x...@domain.com"
I don't know anything about logwatch. But
On Fri 10 Sep 2021 at 17:55:59 (-0400), rhkra...@gmail.com wrote:
> On Friday, September 10, 2021 02:52:42 PM Dan Ritter wrote:
> > David Wright wrote:
> > > If you make a telephone call on speaker, and you have a tape recorder
> > > in the room recording the conversation, the speaker at the other
On Fri 10 Sep 2021 at 13:17:39 (-0400), Greg Wooledge wrote:
> On Fri, Sep 10, 2021 at 11:51:07AM -0500, David Wright wrote:
> > On Fri 10 Sep 2021 at 16:05:26 (+0100), Adam Weremczuk wrote:
> >
> > > Would it be possible for another host to log to syslog without a prior
> > > explicit manual
On Friday, September 10, 2021 02:52:42 PM Dan Ritter wrote:
> David Wright wrote:
> > If you make a telephone call on speaker, and you have a tape recorder
> > in the room recording the conversation, the speaker at the other end
> > of the call doesn't need to have permission for their words to be
David Wright wrote:
> On Fri 10 Sep 2021 at 16:05:26 (+0100), Adam Weremczuk wrote:
>
> > Would it be possible for another host to log to syslog without a prior
> > explicit manual configuration allowing that?
>
> If you make a telephone call on speaker, and you have a tape recorder
> in the
On Fri, Sep 10, 2021 at 06:10:59PM +0100, Adam Weremczuk wrote:
> On 10/09/2021 17:46, Greg Wooledge wrote:
>
> > Depends on which syslog daemon implementation you're using, I think.
>
> My environment: Linux deb10 5.4.44-1-pve #1 SMP PVE 5.4.44-1 (Fri, 12 Jun
> 2020 08:18:46 +0200) x86_64
On 10/09/2021 17:46, Greg Wooledge wrote:
Depends on which syslog daemon implementation you're using, I think.
My environment: Linux deb10 5.4.44-1-pve #1 SMP PVE 5.4.44-1 (Fri, 12
Jun 2020 08:18:46 +0200) x86_64 GNU/Linux
Pretty minimalistic set up.
Rsyslog 8.1901.0-1 out of the box, no
On 10/09/2021 17:51, David Wright wrote:
When you commence your call, both you and the person at the other end
probably exchange some pleasantries, which confirm that you're both
who you say you are. These all get recorded too.
Ssh is no different.
Are you saying these entries could belong to
On Fri, Sep 10, 2021 at 01:17:39PM -0400, Greg Wooledge wrote:
> It's not clear which syslogd the OP is using. It's not even clear to me
> what *operating system* they're using, since their systemctl status output
> has at least one line that mine (bullseye) does not have.
I just checked on a
On Fri, Sep 10, 2021 at 11:51:07AM -0500, David Wright wrote:
> On Fri 10 Sep 2021 at 16:05:26 (+0100), Adam Weremczuk wrote:
>
> > Would it be possible for another host to log to syslog without a prior
> > explicit manual configuration allowing that?
>
> If you make a telephone call on speaker,
On Fri 10 Sep 2021 at 16:05:26 (+0100), Adam Weremczuk wrote:
> Would it be possible for another host to log to syslog without a prior
> explicit manual configuration allowing that?
If you make a telephone call on speaker, and you have a tape recorder
in the room recording the conversation, the
On Fri, Sep 10, 2021 at 04:05:26PM +0100, Adam Weremczuk wrote:
> Would it be possible for another host to log to syslog without a prior
> explicit manual configuration allowing that?
Depends on which syslog daemon implementation you're using, I think.
On 10/09/2021 13:11, Greg Wooledge wrote:
Not matching what's in the file:
awk 'NR==25' /etc/ssh/sshd_config
awk 'NR==28' /etc/ssh/sshd_config
awk 'NR==29' /etc/ssh/sshd_config
# Lifetime and size of ephemeral version 1 server key
OK, so "it" is in fact "The warnings in syslog contain line
On Fri 10 Sep 2021 at 08:11:02 (-0400), Greg Wooledge wrote:
> On Fri, Sep 10, 2021 at 10:33:47AM +0100, Adam Weremczuk wrote:
> > Weeks later it happened again and I'm not any less puzzled:
>
> All right, now we're getting somewhere.
>
> Is it possible that these lines are being remotely
On Fri, Sep 10, 2021 at 10:33:47AM +0100, Adam Weremczuk wrote:
> Weeks later it happened again and I'm not any less puzzled:
What's "it"?
> /var/log/syslog
>
> Aug 28 10:12:30 deb10 sshd[145]: /etc/ssh/sshd_config line 25: Deprecated
> option UsePrivilegeSeparation
Fine, just comment out the
Hi all,
Weeks later it happened again and I'm not any less puzzled:
/var/log/syslog
Aug 28 10:12:30 deb10 sshd[145]: /etc/ssh/sshd_config line 25:
Deprecated option UsePrivilegeSeparation
Aug 28 10:12:30 deb10 sshd[145]: /etc/ssh/sshd_config line 28:
Deprecated option KeyRegenerationInterval
Adam Weremczuk writes:
> Installation and configuration was straightforward:
>
> sudo apt install logwatch
>
> /etc/cron.daily/00logwatch
> #execute
> /usr/sbin/logwatch --detail low --mailto x...@domain.com
Maybe run logwatch manually and with different options? Like with
--detail high or
On Mon 16 Aug 2021 at 16:49:16 (+0100), Adam Weremczuk wrote:
> Installation and configuration was straightforward:
>
> sudo apt install logwatch
>
> /etc/cron.daily/00logwatch
> #execute
> /usr/sbin/logwatch --detail low --mailto x...@domain.com
>
> The master config file
Installation and configuration was straightforward:
sudo apt install logwatch
/etc/cron.daily/00logwatch
#execute
/usr/sbin/logwatch --detail low --mailto x...@domain.com
The master config file /usr/share/logwatch/default.conf/logwatch.conf
left with defaults.
Only one report per day
On Mon, Aug 16, 2021 at 03:06:30PM +0100, Adam Weremczuk wrote:
> I run openssh 7.9p1-10+deb10u2 on Debian 10.10.
>
> Logwatch, which runs daily, occasionally (maybe 2-3 times per month) reports
> the following:
Sometimes you get warnings, and sometimes you don't? That's a red flag
right off
Hi all,
I run openssh 7.9p1-10+deb10u2 on Debian 10.10.
Logwatch, which runs daily, occasionally (maybe 2-3 times per month)
reports the following:
- SSHD Begin
Deprecated options in SSH config:
KeyRegenerationInterval - line 28
22 matches
Mail list logo