[OmniOS-discuss] OpenSSH logging control
Bob Friesenhahn
bfriesen at simple.dallas.tx.us
Fri Feb 10 14:39:13 UTC 2017
On Thu, 9 Feb 2017, Joshua M. Clulow wrote:
> On 9 February 2017 at 18:58, Bob Friesenhahn
> <bfriesen at simple.dallas.tx.us> wrote:
>> OpenSSH is even noisier than SunSSH. For a machine with ssh access from the
>> Internet, the console becomes unusable and even the logging to a file might
>> eventually wear out an SSD.
>
> For what it's worth, moving the SSH port up to a high number made my
> logs almost silent. Most of the cheap (and thus plentiful) scans are
> on port 22 only.
That would be confusing for my remote users, who would likely forget
about a special port.
These seem to be the only tweaks available for ssh logging
configuration:
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
Setting LogLevel to QUIET seems like it would remove all logging.
Setting to ERROR or FATAL would seem to lessen the logging but the
fast majority of the annoying logs are at ERROR level. I will try
setting to FATAL level.
The structure of OpenSSH logging is not useful. I would like a way to
specify IP address ranges for which I am interested in a high degree
of logging (e.g. for my own network address ranges) while not treating
remote annoyances as "errors".
Bob
--
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
More information about the OmniOS-discuss
mailing list