On the request of a coworker looking for more information about our SSH
users I developed a patch that provides extended logging capability for
SSHD. Its been written with an eye towards machine parsing. This patch
will write the following information to the standard system log:

remote ip, remote port, & remote user name
protocol number and client version information
Encryption method, MAC method and compression
Bytes transferred including packet headers and messages (I think I'm
collecting most of it)
Duration of connection, throughput in both directions.

So far they've found it useful with no reported problems.

Its a bit on the larger side (15k) so I'll just provide a link to the
patch. If anyone has any comments or suggestions please let me know.

http://www.psc.edu/networking/projec...r-logging.diff

Sample log data can be found here

http://www.psc.edu/networking/projec...le-output.html

This patch is made against the mainline code base but it does patch
cleanly against hpn12v19. This patch and the previously mentioned
progress bar patch can both be found at

http://www.psc.edu/networking/projects/hpn-ssh


Chris Rapier
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev