linuxadmin wrote:
> if I ssh from A to B, a log is generated in /var/log/messages of
> machine B...but is a log also generated in machine A when A tries to
> ssh to machine B. if so then where is it generated

Generally speaking, no, there is no log. There may be something in
the user's shell history. Or you can turn on process accounting.


--
Oh to have a lodge in some vast wilderness. Where rumors of oppression
and deceit, of unsuccessful and successful wars may never reach me
anymore.
-- William Cowper

Jeremiah DeWitt Weiner wrote:
> linuxadmin wrote:
> > if I ssh from A to B, a log is generated in /var/log/messages of
> > machine B...but is a log also generated in machine A when A tries to
> > ssh to machine B. if so then where is it generated
>
> Generally speaking, no, there is no log. There may be something in
> the user's shell history. Or you can turn on process accounting.
>
>
> --
> Oh to have a lodge in some vast wilderness. Where rumors of oppression
> and deceit, of unsuccessful and successful wars may never reach me
> anymore.
> -- William Cowper

I will write down what I understood. Please correct me if Im wrong...

Suppose the ssh-client machine is in a LAN. If I ssh to a computer
outside the LAN there is no way a log can be generated on the client
side which mentions that an ssh connection has been made to a .....ip

thanks
Danish

"linuxadmin" wrote in message
news:1144299379.160581.116810@v46g2000cwv.googlegr oups.com

>> Oh to have a lodge in some vast wilderness. Where rumors of
>> oppression and deceit, of unsuccessful and successful wars may never
>> reach me anymore.
>> -- William Cowper
>
> I will write down what I understood. Please correct me if Im wrong...

Just remember that the lodge should be made of (ssh) logs, and the
wilderness should be a desert devoid of trees.

Oh, you weren't responding to that part? So why did you quote it?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

linuxadmin wrote:


> if I ssh from A to B, a log is generated in /var/log/messages of
> machine B...but is a log also generated in machine A when A tries to
> ssh to machine B. if so then where is it generated

With "iptables" in machine A and the "LOG" target extension.

- --
Un saludo
Alo [alo(@)uk2.net]
PGP en http://pgp.eteo.mondragon.edu [Get "0xF6695A61 "]
Usuario registrado Linux #276144 [http://counter.li.org]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD4DBQFENKbMvzPPcPZpWmERAq5FAJjPCeeVMmMfRJparFBlVt Z/1RGgAJ9sqOq9
Q+0UPzXbs9IhZne7R0Kybg==
=5R1r
-----END PGP SIGNATURE-----

linuxadmin wrote:
>
> I will write down what I understood. Please correct me if Im wrong...
>
> Suppose the ssh-client machine is in a LAN. If I ssh to a computer
> outside the LAN there is no way a log can be generated on the client
> side which mentions that an ssh connection has been made to a .....ip
>
> thanks
> Danish
>

Depending on the paranoia level and/or conscientiousness of the admin of
the local machine, you may have no logs, logs recording that ssh was
used (normal for systems with process accounting), logs of all outgoing
network connections (possible when starting within a corporate lan), or
even keystroke monitoring. If you want to know what is being logged,
ask your sysadmin and network admin.

Doug

Douglas O'Neal wrote:
> linuxadmin wrote:
> >
> > I will write down what I understood. Please correct me if Im wrong...
> >
> > Suppose the ssh-client machine is in a LAN. If I ssh to a computer
> > outside the LAN there is no way a log can be generated on the client
> > side which mentions that an ssh connection has been made to a .....ip
> >
> > thanks
> > Danish
> >
>
> Depending on the paranoia level and/or conscientiousness of the admin of
> the local machine, you may have no logs, logs recording that ssh was
> used (normal for systems with process accounting), logs of all outgoing
> network connections (possible when starting within a corporate lan), or
> even keystroke monitoring. If you want to know what is being logged,
> ask your sysadmin and network admin.

that is what I want to know. Is there a way that the logs can me made.
I hope to become a sysadmin or networkadmin so I wanted to know

Danish
>
> Doug

On Fri, 07 Apr 2006 01:10:25 -0700, linuxadmin wrote:

>
> Douglas O'Neal wrote:
>> linuxadmin wrote:
>> >
>> > I will write down what I understood. Please correct me if Im wrong...
>> >
>> > Suppose the ssh-client machine is in a LAN. If I ssh to a computer
>> > outside the LAN there is no way a log can be generated on the client
>> > side which mentions that an ssh connection has been made to a .....ip
>> >
>> > thanks
>> > Danish
>> >
>>
>> Depending on the paranoia level and/or conscientiousness of the admin of
>> the local machine, you may have no logs, logs recording that ssh was
>> used (normal for systems with process accounting), logs of all outgoing
>> network connections (possible when starting within a corporate lan), or
>> even keystroke monitoring. If you want to know what is being logged,
>> ask your sysadmin and network admin.
>
> that is what I want to know. Is there a way that the logs can me made.
> I hope to become a sysadmin or networkadmin so I wanted to know
>
> Danish
>>
>> Doug

You have been correctly advised of two methods to generate the logs you
might want on the client machine, iptables and process accounting. These
are each generally the same or very similar regardless of the distribution
you are using, but you should always be looking for documentation that is
specific to what you already have installed (or to what you will update to.)

Since there are many options, the specific instructions that you want to
or need to use could vary significantly, and you will probably have to
work those out in detail for yourself. You will need to read the
documentation.

If these are already installed (probably are), you can usually read the
documentation in a "man page" or "info" document (ie.: $ man iptables,
_or_ $ info iptables).

To find the CLI command names to read up on for "process accounting", you
could try the line: "$ apropos account", which will usually give you a
list of several commands you may wish to read up on.

For software documentation that is not already on your system, a google
search will usually bring up ample appropriate reading material.

Good luck.

Newsbox wrote:
> On Fri, 07 Apr 2006 01:10:25 -0700, linuxadmin wrote:
>
> >
> > Douglas O'Neal wrote:
> >> linuxadmin wrote:
> >> >
> >> > I will write down what I understood. Please correct me if Im wrong...
> >> >
> >> > Suppose the ssh-client machine is in a LAN. If I ssh to a computer
> >> > outside the LAN there is no way a log can be generated on the client
> >> > side which mentions that an ssh connection has been made to a .....ip
> >> >
> >> > thanks
> >> > Danish
> >> >
> >>
> >> Depending on the paranoia level and/or conscientiousness of the admin of
> >> the local machine, you may have no logs, logs recording that ssh was
> >> used (normal for systems with process accounting), logs of all outgoing
> >> network connections (possible when starting within a corporate lan), or
> >> even keystroke monitoring. If you want to know what is being logged,
> >> ask your sysadmin and network admin.
> >
> > that is what I want to know. Is there a way that the logs can me made.
> > I hope to become a sysadmin or networkadmin so I wanted to know
> >
> > Danish
> >>
> >> Doug
>
> You have been correctly advised of two methods to generate the logs you
> might want on the client machine, iptables and process accounting. These
> are each generally the same or very similar regardless of the distribution
> you are using, but you should always be looking for documentation that is
> specific to what you already have installed (or to what you will update to.)
>
> Since there are many options, the specific instructions that you want to
> or need to use could vary significantly, and you will probably have to
> work those out in detail for yourself. You will need to read the
> documentation.
>
> If these are already installed (probably are), you can usually read the
> documentation in a "man page" or "info" document (ie.: $ man iptables,
> _or_ $ info iptables).
>
> To find the CLI command names to read up on for "process accounting", you
> could try the line: "$ apropos account", which will usually give you a
> list of several commands you may wish to read up on.
>
> For software documentation that is not already on your system, a google
> search will usually bring up ample appropriate reading material.
>
> Good luck.

thank you very much

linuxadmin wrote:
> Newsbox wrote:
> > On Fri, 07 Apr 2006 01:10:25 -0700, linuxadmin wrote:
> >
> > >
> > > Douglas O'Neal wrote:
> > >> linuxadmin wrote:
> > >> >
> > >> > I will write down what I understood. Please correct me if Im wrong...
> > >> >
> > >> > Suppose the ssh-client machine is in a LAN. If I ssh to a computer
> > >> > outside the LAN there is no way a log can be generated on the client
> > >> > side which mentions that an ssh connection has been made to a .....ip
> > >> >
> > >> > thanks
> > >> > Danish
> > >> >
> > >>
> > >> Depending on the paranoia level and/or conscientiousness of the admin of
> > >> the local machine, you may have no logs, logs recording that ssh was
> > >> used (normal for systems with process accounting), logs of all outgoing
> > >> network connections (possible when starting within a corporate lan), or
> > >> even keystroke monitoring. If you want to know what is being logged,
> > >> ask your sysadmin and network admin.
> > >
> > > that is what I want to know. Is there a way that the logs can me made.
> > > I hope to become a sysadmin or networkadmin so I wanted to know
> > >
> > > Danish
> > >>
> > >> Doug
> >
> > You have been correctly advised of two methods to generate the logs you
> > might want on the client machine, iptables and process accounting. These
> > are each generally the same or very similar regardless of the distribution
> > you are using, but you should always be looking for documentation that is
> > specific to what you already have installed (or to what you will update to.)
> >
> > Since there are many options, the specific instructions that you want to
> > or need to use could vary significantly, and you will probably have to
> > work those out in detail for yourself. You will need to read the
> > documentation.
> >
> > If these are already installed (probably are), you can usually read the
> > documentation in a "man page" or "info" document (ie.: $ man iptables,
> > _or_ $ info iptables).
> >
> > To find the CLI command names to read up on for "process accounting", you
> > could try the line: "$ apropos account", which will usually give you a
> > list of several commands you may wish to read up on.
> >
> > For software documentation that is not already on your system, a google
> > search will usually bring up ample appropriate reading material.
> >
> > Good luck.
>
> thank you very much
thank you very much all
Danish