What I am aiming for is a way to be able to set up ssh(1) logging
entirely from within ssh_config(5) without needing additional runtime
options.
Currently SyslogFacility in ssh_config(5) only sets the facility code
but does not actually change the logging to use syslog(3) and so
setting SyslogFacility is only useful in conjuction with the -y
option. If setting SyslogFacility implies -y for ssh(1) then the
whole thing can be set from ssh_config(5), keeping all the adjustments
in one place.
The following illustrates what I am trying to describe.
/Lars
Index: src/usr.bin/ssh/ssh.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh.c,v
retrieving revision 1.464
diff -u -p -u -r1.464 ssh.c
--- src/usr.bin/ssh/ssh.c 21 Sep 2017 19:16:53 -0000 1.464
+++ src/usr.bin/ssh/ssh.c 25 Sep 2017 16:11:29 -0000
@@ -958,6 +958,8 @@ main(int ac, char **av)
* Initialize "log" output. Since we are the client all output
* goes to stderr unless otherwise specified by -y or -E.
*/
+ if (options.log_facility != SYSLOG_FACILITY_NOT_SET)
+ use_syslog = 1;
if (use_syslog && logfile != NULL)
fatal("Can't specify both -y and -E");
if (logfile != NULL)
Index: src/usr.bin/ssh/ssh_config.5
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v
retrieving revision 1.256
diff -u -p -u -r1.256 ssh_config.5
--- src/usr.bin/ssh/ssh_config.5 21 Sep 2017 19:16:53 -0000 1.256
+++ src/usr.bin/ssh/ssh_config.5 25 Sep 2017 16:16:02 -0000
@@ -1489,6 +1489,9 @@ known hosts will be verified automatical
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Xr ssh 1 .
+Begins logging using the
+.Xr syslog 3
+system module.
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is USER.
