logging all activity?
Paul Fox
pgf at brightstareng.com
Tue Aug 8 10:45:11 WST 2006
rob wrote:
> On Monday 07 August 2006 9:40 am, Matt Johnston wrote:
> > On Mon, Aug 07, 2006 at 09:17:15AM -0400, Paul Fox wrote:
> > > hi -- is there a relatively painless way to cause the dropbear
> > > server to log all remote command executions? i only need this
...
> > > a quick perusal of the docs didn't turn up anything obvious.
> >
> > There's no builtin way, though you could modify a shell
> > login file (.zshenv for zsh, not sure about others) to log
> > the commands, since all commands are actually run as
> > 'sh -c "some command"'.
>
> Just confirming:
>
> They're run with the shell for the user in the /etc/passwd file, right? So
> you can stick any kind of gatekeeper program you want in there. (Did that on
> openssh long ago...)
>
> So an easy way to do this is make a special user whose login shell is a
> logging wrapper thing.
another good idea -- thanks.
putting a logging line in .profile didn't work right off the bat, so
i applied matt's patch and it did the trick. it occurred to me that
.profile might not necessarily be read for "sh -c" kinds of things.
the wrapper idea clearly would have worked.
paul
=---------------------
paul fox, pgf at brightstareng.com
More information about the Dropbear
mailing list