-   Linux - Server (
-   -   Can't get SFTP logging to work (

GlowingApple 02-27-2012 03:33 PM

Can't get SFTP logging to work
I'm running an SFTP server (openssh). I want to turn on SFTP logging to troubleshoot some issues. From the sftp-server man page, adding "-l INFO" should provide this:


INFO and VERBOSE log transactions that sftp-server performs on behalf of the client.
So I changed my /etc/ssh/sshd_config to read:


Subsystem      sftp    /usr/libexec/openssh/sftp-server -l INFO -f AUTH
and restarted sshd, but I still see "subsystem request for sftp" as the sole log entry when connecting/cd/get/mget with SFTP. I also tried "-l VERBOSE", but no change.

I have not set up a chroot for SFTP, and I doubt it would be the default for CentOS, so I'm not sure what I'm missing. Any ideas?

kbp 02-28-2012 06:06 PM

Were you looking in /var/log/messages? .. it could depend on your syslog config, try using this instead:

Subsystem      sftp    /usr/libexec/openssh/sftp-server -l INFO -e
.. it will dump the logs onto the console instead of into syslog.

GlowingApple 03-01-2012 05:32 PM

Thanks for the response. I had tried that as well, but saw nothing on the console either. I ended up discovering the problem when I tried logging in as a user that normally doesn't use SFTP. I had set the shell for all "SFTP only" users to "/usr/libexec/openssh/sftp-server", and it appears that the options added to the sshd_config file weren't being read. I changed to internal-sftp (with the logging options) in sshd_config and logging is working now.

Thanks for your response though; sorry for not posting a "never mind, figured it out" response sooner!

All times are GMT -5. The time now is 12:18 PM.