Introduction
This guide explains how you may enable debug logging for SSHD.
Please keep in mind that the management and maintenance of configurations for services that cPanel does not create and provide such as the SSHD service, are tasks that are best handled by a systems administrator with the skills, training, and expertise required to do so for you. Although this configuration is not related to cPanel or the basic configuration of cPanel, we would like to offer this information as a courtesy.
Procedure
- Login to the server as the root user via Terminal, or Console access.
NOTE: While these steps are possible when accessing the server via SSH, it is best practice to use a method of access other than SSH because an accidental typo or other problematic edit to the SSHD configuration file can sever your connection to the server while you are using SSH. - Make a backup of the existing configuration with the following command:
cp -v /etc/ssh/sshd_config{,$(date +.%Y-%b-%d-%H-%M-%S)} - Open the configuration with a text editor of your choice:
/etc/ssh/sshd_config
- Add the following configuration to the file:
LogLevel DEBUG3
NOTE: Review of the manual page on your server will provide additional options if this does not meet your verbosity needs:
man sshd_config
- Carefully inspect the configuration to see if there are any duplicate LogLevel directives that had existed previous to your addition. If there is another configuration already present, comment it out by placing a hash symbol (#) at the start of the line like this:
#LogLevel INFO
- Restart the SSH Daemon (SSHD) with the following command to load the new configuration:
/scripts/restartsrv_sshd --restart
- The logs for SSHD can be reviewed with one of the of the following commands:
less /var/log/secure
journalctl -u sshd