Logging and Debugging
As an SSH server runs, it optionally produces log messages to describe what it’s doing. Log messages aid the system administrator in tracking the server’s behavior and detecting and diagnosing problems. For example, if a server is mysteriously rejecting connections, one of the first places to look is the server’s log output.
By default, the SSH server writes log messages to syslog , the standard Unix logging service (see the sidebar, "The Syslog Logging Service“). For example, an SSH server typically announces its startup with log messages like:
Server listening on 0.0.0.0 port 22. Generating 768 bit RSA key. RSA key generation complete.
and a connection from a client is recorded with log messages like:
session opened for user rebecca by (uid=9005) Accepted publickey for rebecca from 10.1.2.3 port 1265 ssh2 session closed for user rebecca
specifies how the SSH server tags log messages:
The value is one of the (case-insensitive) syslog facility codes,
and the default is