SSH / SFTP session logging
We are in the process of migrating clients from vsftp (standard FTP) to SFTP to secure their login sessions. (Yes I know vsftp can do SSL if compiled to do so, but we have a client who is only prepared at the moment to do SFTP)
Auth key logins work just fine on the new server, but on our vsftp server we could get a log of every command issued by the client, and every response issued by the console, for troubleshooting. /var/log/secure even in verbose mode only seems to be recording authentications and not the sessions themselves. We need to be able to monitor what outside clients do while they are connected to our server.
Also, vsftp has a filexfer log that shows the status of all file transfers, whether they completed successfully or not. Is there a way to monitor this on SFTP? I know SFTP is basically just cp over an SSH connection, and not true FTP, but I can't be the only person who ever faced this issue.
All of the solutions I have seen seem to be directed at recording the session at the client end. I want a recording of the session on the server.
Anyone have a solution? Thanks!