SSH
説明 [#cc4c9d34]
デフォルトではログイン・ログアウトしかSFTPの作業ログは出力されません。
そこで作業ログをsyslogに出力する手順です。
手順 [#i9d07758]
# cd /etc/ssh
# cp -p sshd_config sshd_config.`date +%Y%m%d`
# vim sshd_config
- Subsystem sftp /usr/libexec/openssh/sftp-server
+ Subsystem sftp /usr/libexec/openssh/sftp-server -l VERBOSE
# /usr/sbin/sshd -t
なにも出力されなければOK
# service sshd restart
出力内容例 [#y6a981a1]
Jul 16 11:25:14 TESTSVR01 sftp-server[31972]: session opened for local user testuser01 from [192.168.100.101]
Jul 16 11:25:14 TESTSVR01 sftp-server[31972]: received client version 3
Jul 16 11:25:14 TESTSVR01 sftp-server[31972]: realpath "."
Jul 16 11:25:17 TESTSVR01 sftp-server[31972]: opendir "/home/testuser01"
Jul 16 11:25:17 TESTSVR01 sftp-server[31972]: closedir "/home/testuser01"
Jul 16 11:25:24 TESTSVR01 sftp-server[31972]: session closed for local user testuser01 from [192.168.100.101]
Jul 16 11:25:52 TESTSVR01 sftp-server[31990]: session opened for local user testuser01 from [192.168.100.101]
Jul 16 11:25:52 TESTSVR01 sftp-server[31990]: received client version 3
Jul 16 11:25:52 TESTSVR01 sftp-server[31990]: realpath "."
Jul 16 11:25:53 TESTSVR01 sftp-server[31990]: opendir "/home/testuser01"
Jul 16 11:25:53 TESTSVR01 sftp-server[31990]: closedir "/home/testuser01"
Jul 16 11:26:14 TESTSVR01 sftp-server[31990]: opendir "/home/testuser01"
Jul 16 11:26:14 TESTSVR01 sftp-server[31990]: closedir "/home/testuser01"
Jul 16 11:26:24 TESTSVR01 sftp-server[31990]: open "/home/testuser01/html.zip" flags WRITE,CREATE,TRUNCATE mode 0640
Jul 16 11:26:27 TESTSVR01 sftp-server[31990]: close "/home/testuser01/html.zip" bytes read 0 written 6673933
Jul 16 11:26:33 TESTSVR01 sftp-server[31990]: lstat name "/home/testuser01/mailsend.php"
Jul 16 11:26:33 TESTSVR01 sftp-server[31990]: stat name "/home/testuser01/mailsend.php"
Jul 16 11:26:33 TESTSVR01 sftp-server[31990]: open "/home/testuser01/mailsend.php" flags READ mode 0666
Jul 16 11:26:33 TESTSVR01 sftp-server[31990]: close "/home/testuser01/mailsend.php" bytes read 1519 written 0