Hi Scott,
Logger function may help.
It is good to know that IBM plans to add Exit Point for SSH.
Thanks,
Zvi
--- On Tue, 8/31/10, Scott Klement <midrange-l@xxxxxxxxxxxxxxxx> wrote:
From: Scott Klement <midrange-l@xxxxxxxxxxxxxxxx>
Subject: Re: SSH Client to syslog: How to send
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Date: Tuesday, August 31, 2010, 9:28 AM
Hello Zvi,
You can find field of LogLevel in ssh_config - which seems to me that
it reports to syslog. Am I right?
In my documentation, it states that LogLevel controls the verbosity
level. (Such as "Only show fatal errors?" "Show warnings?" "Show
debugging messages?" etc.) I don't see anything that correlates it with
syslog...
Normally syslog would be used for a daemon. (a "server" job that has no
"screen" for the user to see.) This is typically done because there's
nobody sitting in front of it to see the error messages, and indeed no
screen to print them on. So you log them, and an admin or operator will
be monitoring all of the various logs for the system.
The idea of using syslog for a client seems strange to me. Now I can't
say for certain that it's not available (I'm not familiar with every
feature of SSH) but I've sure never done it, or heard of anyone doing
it, and I can't find any mention of syslog in the docs.
I am trying to prepare a tool with some security alerts for various events.
It can be nice to add client failures in addition to server failures to this tool.
If you think that it is an issue, I give up.
If you are writing scripts that automate the ssh process, you could
capture these messages and forward them to syslog. (This would be a
fairly common thing on Unix... you'd just direct stderr to the logger
program... but unfortunately, the logger program on IBM i goes to QHST
instead of syslog.)
But, AFIAK, error messages are normally meant to be printed on the
user's screen, not sent to syslog.
To be certain, I'd suggest contacting IBM. I did hear that they were
planning to add exit points to SSH (something that _definitely_ doesn't
exist in the stock OpenSSH code... a totally alien concept to Unix
people.) Or, perhaps contact the OpenSSH team -- they could tell you
for certain whether syslog is ever available on the client side.
All I can tell you is that I've never seen or heard of it.
As an Amazon Associate we earn from qualifying purchases.