On 2018-02-19 16:52, john doe wrote:
Isn't pam enough?:
No need to install anything and it's quite versatile.
Yes, this is in line with the other suggested options such as snoopy or
pam_tty_audit. It could work as audit system, but it seems to me as a
solution for more structured and corporate environment.
In the described case I would like a solution that store record the
session in a safe way, immutable and trustable, therefore encrypting all
(only the owners have to be able to read it) and hosted on a read only
resource (the user who logins should not be able to delete it) and
I think that with pam there is the risk that a user with full access
right could easily delete all the logs. Or that the log could be altered