Question
How do you enable SFTP logging?
Answer
OpenSSH versions 4.4p1 and above have SFTP logging capability built in, but it's not enabled by default. You will be able to configure it in this way:
- Log in to your server via SSH as
root Find this line in your sshd_config (in CentOS, the file is at:
/etc/ssh/sshd_config):CONFIG_TEXT: Subsystem sftp /usr/libexec/openssh/sft
and change it to:
CONFIG_TEXT: Subsystem sftp /usr/libexec/openssh/sftp-server -l INFO
Note: INFO is just one level of detail over what you're seeing by default - it provides detailed information regarding file transfers, permission changes, etc. If you need more information, then you can adjust the log level accordingly. The various levels, in order of detail, are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3VERBOSEis a more reasonable level of information for most troubleshooting situations. Anything above VERBOSE is usually reserved for specific troubleshooting tasks.Restart the SSH service to update the changes:
# /scripts/restartsrv_sshd
The location of the log file depends on the Syslog configuration (/etc/rsyslog.conf), but the default log file location is usually the system log file /var/log/messages (CentOS).
Comments
0 comments
Article is closed for comments.