I'm co-managing a server with a friend of mine offering ourself some basic service (like emails, file sharing, etc). At this time each of us can freely login on the server via ssh (we trust each others) for the daily administrative tasks.

I would like to improve the current set up by adding a layer of certification and proofing of the ssh session, because if you know that you are recorded you'll be enforce to behave better. For this scope I've found many different possible solution, but quite complex to be implemented (like ssh proxy that records the session [1]), or too basic (like using /usr/bin/script). So far none of those that I've found satisfy me.

About that I remember that some time ago (maybe one or two years ago) I read a post on planet debian about such a method for session audit. It was suggesting as an easy to run solution for external consultant: the recording and encrypting of the remote session was performed without requiring any proxy, letting to store the session data on a dumb external host. From what I could remember I think that the idea was something like recording the session with script like utilities (launched at session login), then periodically encrypting it with gpg and publishing on a local folder or on a remote resource. This way the owner of the system could reliably access the session log, and the remote person could always prove what he did at during the ssh session.

Do you know about that solution? Or could you suggest something similar?

Thank you,


[1] ssh proxy solutions: ssh-bastion, KeyBox

Reply via email to