Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: isaac van den berg on February 26, 2003, 03:29:49 PM
-
hi,
I looked around but could not find it:
Can I access vpn and ssh specific logfiles to check which users (tried to) connect to the e-mith server? I'm using V5.5
TIA Isaac
-
I don't know about VPN, but for SSH you can do the following for logging or notification by email. I can't trace back where I got it from, but it's been useful to me (I think from older discussions in this forum).
Loek
CREATE SCRIPT FOR NOTIFICATION OF SSH ACTIVITY
Create a file ssh-notification.sh in the following dir
(e.g. echo >>ssh-notification.sh)
/etc/profile.d/ssh-notification.sh
Set access rights as follows:
-rwxr-xr-x 1 root root 113 Jun 14 09:40 ssh-notification.sh
Contents of file:
A. To automatically receive an email when somebody logs in using SSH
if [ "$SSH_CLIENT" ]; then
mail -s "SSH: $USER from $SSH_CLIENT" admin <
EOF
fi
B. To create a log file of SSH access
#!/bin/sh
if [ "$SSH_CLIENT" ]; then
echo "SSH: $USER from $SSH_CLIENT on date" >> /var/log/ssh_access.log
fi
Log file /var/log/ssh_access.log looks like this:
SSH: root from 192.168.1.70 1985 22 on Fri Jun 14 09:40:26 PDT 2002
and is of course easily viewable via the server-manager, View log files panel.
-
server-manager > view log files > messages
you could filter sshd for clarity
-
I'm looking for the same info, I can see in the log files where people try to connnect via vpn, but need to know which users are trying to connect. Any ideas??
-
When viewing the message log, just put 'pppd' into the filter. That will show you user who is connecting via a VPN connection. It also will let you see when the user disconnected from the VPN.