Dear Laurelai, >> I do not think that sshd normally logs its source. ... To produce the >> desired log, I added to /etc/hosts.allow the line >> sshd : all : spawn /usr/bin/logger -t"%d[%p]" "Connection source %h port %r" > > Don't most modern Linux distros log sshd by default? If for whatever > reason yours doesn't you can set the log level in the sshd config.
My Debian sshd comes with "LogLevel INFO" in /etc/ssh/sshd_config. I never found documentation on what a "LogLevel VERBOSE" would do, so never changed it; my hosts.allow line does exactly what I want, and a similar line can do it for telnetd also. (Don't laugh...) Cheers, Paul Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
