Re: SSH Logging in Windows? (Using cygwin)
I will try to help.
You can install syslog-ng in CygWin. The logins will then appears into the default syslog /var/log/messages, but there is not logouts log.
The others points aren't really possibles.
You can't log the traffic because it's encrypted, unless the packet travel one more hop in which case you can use a common network sniffer (like WireShark), but you can't distinguish what come from or go to a SSH's pipe from the rest of the local traffic.
You can get a "log" some commands by copying the .history file IF a shell is used and if it create one. scp and sftp are some example that will not be logged and you will not known which files have been copied (in or out).
At 11:13 2007-09-24, you wrote:
>I have set SSH up on my Windows XP Home Edition computer some time ago. I
>wanted to be able to log all incoming and outgoing SSH traffic / commands
>issued to the server to a file. Currently, SSH is logging to Windows and the
>log can be view from Windows Event Viewer. This is not what I want and I was
>hoping to sort of 're-direct' the data to a log file somewhere (like say the
>sshd.log file which isn't being used at the moment). I am unable to find a
>guide on it at all on this, and I hope someone can help me. Thanks in
>Windows XP Home Edition
>256 MB RAM
>Running SSH 4.7p1-2 on Cygwin. (Package retrieved from Cygwin repository at
>View this message in context: [url]http://www.nabble.com/SSH-Logging-in-Windows--%28Using-cygwin%29-tf4503918.html#a12844983[/url]
>Sent from the SSH (Secure Shell) mailing list archive at Nabble.com.[/color]