Logging and Debugging
As an SSH server runs, it optionally produces log messages to describe what it’s doing. Log messages aid the system administrator in tracking the server’s behavior and detecting and diagnosing problems. For example, if a server is mysteriously rejecting connections, one of the first places to look is the server’s log output.
By default, the SSH server writes log messages to syslog , the standard Unix logging service (see the sidebar, "The Syslog Logging Service“). For example, an SSH server typically announces its startup with log messages like:[86]
Server listening on 0.0.0.0 port 22. Generating 768 bit RSA key. RSA key generation complete.
and a connection from a client is recorded with log messages like:
session opened for user rebecca by (uid=9005) Accepted publickey for rebecca from 10.1.2.3 port 1265 ssh2 session closed for user rebecca
The SyslogFacility
keyword
specifies how the SSH server tags log messages:
SyslogFacility LOCAL3
The value is one of the (case-insensitive) syslog facility codes,
and the default is AUTH
.
Get SSH, The Secure Shell: The Definitive Guide, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.