Yep saw that. It raises two questions though. 1) Can I redirect that syslog output to another system, that is have all my partitions syslog to ONE partition?

If so, How?

The sshd_config file seems only to allow a few tweaks but no configuration of where to send the syslog messages.

- Larry "DrFranken" Bolhuis - Personal Development IBM i timeshare service. - Commercial IBM i Cloud Hosting.

On 8/18/2015 3:12 PM, Steinmetz, Paul wrote:


Check if you have SSHD setup for logging.


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Vernon Hamberg
Sent: Tuesday, August 18, 2015 2:59 PM
To: Midrange Systems Technical Discussion
Subject: Re: QAUDJRN entry for failed password attempts with SSH

Larry - is SSH running in PASE? If so, I would not expect much in the audit journal, as PASE knows nothing about that. It's like those who want exit points for sftp and all.

But PASE (AIX) might have some logging of this kind of thing - that a WAG for sure on my part.


On 8/18/2015 1:39 PM, DrFranken wrote:
I get these for TELNET (Code T Type PW) I get these for FTP I get
these for the http: *ADMIN server I get them with System i Navigator

I get them with SSH *IF* they are attempting a VALID user profile.

I get NOTHING with SSH if they try root or admin etc. Anyone know
where I can turn that on or where to look for this type of failed
attempt to authenticate with SSH on i?

In this case I'm testing on i 7.1

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].