endlessh log file location

chrisknight · 08-31-2021, 08:38 AM

Hello,
I'm playing around with Rocky Linux running SSH on different port and using endlessh honey pot on 22. I have EPEL repository. I installed via DNF and even if I set the log level to any 0 - 2 and restart the service, I cannot find the log file. Anyone know where it is?
Thanks!

boughtonp · 08-31-2021, 09:07 AM

Quote:

Originally Posted by https://github.com/skeeto/endlessh

All log messages are sent to standard output by default. -s causes them to be sent to syslog.

?

chrisknight · 08-31-2021, 09:29 AM

I saw that but there is no /var/log/messages or /var/log/syslog.
I'll keep playing with it.

chrisknight · 08-31-2021, 09:59 AM

https://docs.rockylinux.org/release_notes/8.4/
"dnf install @minimal-environment" fixed that.
Set log level to 1 and rebooted. Seeing logs in /var/log/messages like:

Quote:

Aug 31 11:30:41 localhost endlessh[898]: 2021-08-31T15:30:41.844Z ACCEPT host=::ffff:172.16.16.16 port=1041 fd=4 n=1/4096
Aug 31 11:33:01 localhost endlessh[898]: 2021-08-31T15:33:01.965Z CLOSE host=::ffff:172.16.16.16 port=1041 fd=4 time=140.121 bytes=185