View the Most Wanted LQ Wiki articles.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-30-2004, 01:11 PM   #1
Registered: Apr 2004
Posts: 194

Rep: Reputation: 15
HELP me on SSH User login


i need some help on SSH user login event, I got Linux 7.3 i want to monitor SSH user login alert through SNMP .

I heard that i have to make changes in Syslog.conf, my concern is whenever normal user (uid above 500) logs in i should get alert or Trap should get generated and send it to Monitoring software.

Also i got Kiwi syslog as my syslog server

kindly provide help on this???????????

Thanks in advance

Old 05-03-2004, 04:56 PM   #2
Registered: Mar 2004
Location: Virginia
Distribution: PacketProtector
Posts: 331

Rep: Reputation: 30
I have to admit that I was not familar with Kiwi syslog (I had to goggle it to find out what it was). But from what I see, in addition to being able to process SNMP trags, it should be able to handle direct forwarding of syslog data.

From what I gather from your post, you are intereted in ssh logging information. If I recall correctly most distributions default ssh to log to syslog for basic information. You can confirm this by looking at the /etc/ssh/sshd_config file, the 'LogLevel' is likely set to INFO

(for more info see:

Next take a look at your /etc/syslog.conf file, you can set up items of intrest to forward to remote syslog servers. One fairly readable discription of this process can be found at:

Note: It only refers to nameing the server in your host file, then refering to it by name (after the @ symbol) in the syslog.conf file), but you can if you choose use the destination boxes IP address, although it is not as clean of a process should you have IP changes to make in the future.

If memory serves forwarding 'authpriv' should include information regarding loggin attempts.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh login with normal user, receive: /dev/null: Permission denied mark78301 Red Hat 3 11-12-2005 10:20 AM
Add a new SSH login/user Temujin_12 Linux - Networking 2 12-31-2004 11:35 PM
Crazy blank dialog boxes and windows at login. Can't login as user soren625 Linux - General 2 08-11-2004 07:30 AM
how can i restrick user to login with ssh? davidrios Linux - Networking 1 04-27-2004 06:59 PM
SSH login problem - cannot choose user atom Linux - Networking 2 02-29-2004 12:53 PM

All times are GMT -5. The time now is 03:57 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration