Setting the loglevel for the SFTP subsystem on OpenSSH

Posted by on May 9, 2011 Leave a comment (0) Go to comments

I just wanted to increase the loglevel of the SFTP subsystem on one of my servers. That was not as easy as I thought:

The configuration file of the OpenSSH server /etc/ssh/sshd_config contains an entry for the SFTP subsystem:

Subsystem       sftp    /usr/libexec/openssh/sftp-server

Seems sftp-server allows the loglevel to be set:

# /usr/libexec/openssh/sftp-server -h
usage: sftp-server [-he] [-l log_level] [-f log_facility]

The manpage contains all the available loglevels. I tried adding the parameter “-i VERBOSE” in my sshd_config, but this fails, as my version of OpenSSH does not allow command-line arguments here. I’m using Centos 5.6 which comes with OpenSSH 4.3. Command-line parameter are available since OpenSSH 4.4 (http://www.openssh.com/txt/release-4.4)

So I created a file /usr/libexec/openssh/sftp-server-custom containing:

“/usr/libexec/openssh/sftp-server -i VERBOSE” and altered the line in sshd_config to:

Subsystem       sftp    /usr/libexec/openssh/sftp-server-custom

Restart or reload the ssh server so the configuration change gets active, and it starts logging nicely.

 

Technik

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>