LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 11-20-2012, 02:31 AM   #1
driftwood
LQ Newbie
 
Registered: Oct 2012
Posts: 8

Rep: Reputation: Disabled
how to setup sshd log to convert ip address to FQDN during connection


hi everyone, i have question for suse linux OS where inside my sshd.log it capture the connection log from which IP address during connection.But i want to capture the FQDN as well and include it inside my sshd.log. I have search on google and can't find the solution. the scenario is like shown below

i need help on how to add my FQDN in log messages

Before
Nov 20 15:27:15 zeus sshd[6810]: Accepted keyboard-interactive/pam for root from 192.168.2.1 port 60900 ssh2

After
Nov 20 15:27:15 zeus sshd[6810]: Accepted keyboard-interactive/pam for root from 192.168.2.1 My-PC port 60900 ssh2


Thanks

Last edited by driftwood; 11-20-2012 at 02:33 AM.
 
Old 11-20-2012, 04:06 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
i'd really suggest that you don't do this. The "tip" is usually to turn it off as reverse lookups are one of the biggest reasons for SSH hanging. setting the UseDNS option in sshd_config will sort this, but no one willingly sets it to "yes"
 
Old 11-20-2012, 04:22 AM   #3
driftwood
LQ Newbie
 
Registered: Oct 2012
Posts: 8

Original Poster
Rep: Reputation: Disabled
Hi Chris,

thanks for the info. i didn't know how to explain this but the customer is willing to sacrifice the ssh hanging in order for them to get the FQDN in the logs. Is there any document or step on how to accomplish this?

Thank you
 
Old 11-20-2012, 04:36 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
as above, just set useDNS. There are literally thousands of google hits on how to do this if you look.
 
Old 11-20-2012, 05:03 AM   #5
driftwood
LQ Newbie
 
Registered: Oct 2012
Posts: 8

Original Poster
Rep: Reputation: Disabled
Hi Chris,

i have commented it out but no luck when i test it out the logs are still showing the IP address instead of the FQDN.

Thank you
 
Old 11-20-2012, 05:13 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
well don't comment it out, set it explicitly, and confirm that the reverse lookup actually DOES work outside of ssh.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
convert LAN IP address to Host Name when I give cmd tail -f /var/log/squid/access.log rs15 Linux - Networking 6 01-22-2012 02:45 AM
Retrieving FQDN from squid access.log LinuxGold Linux - General 1 11-10-2009 04:32 PM
Can I hide the ip address and port of my sshd connection? CoffeeKing!!! Linux - Security 7 08-10-2009 03:06 PM
Postfix Appends FQDN to Senders Address carlosinfl Linux - Server 1 05-17-2009 09:57 PM
Linux boxes in an AD domain; address w/o FQDN itzfritz Linux - Networking 3 10-01-2008 04:59 PM


All times are GMT -5. The time now is 05:28 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration