[SOLVED] sshd logs

Postby albahtaar » Feb 17th, '14, 19:59

Hello everyone,

Fresh install this morning, everything runs fine enough.
Two (maybe noobish) comments though:
* I find it quite alarming to find PermitRootLogin option set to WithoutPassword by default, even though sshd needs to be authorized in the firewall settings.
* Where are the sshd logs if not in /var/log/secure (which is empty) ? Does the firewall redirect it to somewhere safer?

Regards
Last edited by albahtaar on Feb 18th, '14, 22:23, edited 1 time in total.
albahtaar
 
Posts: 2
Joined: Feb 17th, '14, 19:54

Re: sshd logs

Postby doktor5000 » Feb 17th, '14, 21:10

albahtaar wrote:* I find it quite alarming to find PermitRootLogin option set to WithoutPassword by default, even though sshd needs to be authorized in the firewall settings.

How are sshd configuration details, and firewall rules related?
But anyways, just try to login via ssh root@127.0.0.1 - it will not log you in with your password.

albahtaar wrote:* Where are the sshd logs if not in /var/log/secure (which is empty) ? Does the firewall redirect it to somewhere safer?

Again, what does firewall have to do with the logs? Seems you're confusing things here.


Logs are getting written to the journal, you can query them via e.g. for all log entries for this boot
Code:
journalctl -a -b -u sshd

You may need to add your user to the group if you don't want to get root to query the logs: https://wiki.mageia.org/en/Mageia_4_Errata#journalctl
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
doktor5000
 
Posts: 18052
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: sshd logs

Postby albahtaar » Feb 18th, '14, 12:25

doktor5000 wrote:How are sshd configuration details, and firewall rules related?


I am not saying they are related, just that firewall's default ssh blocking rule would not make it a security hole right after install.

doktor5000 wrote:But anyways, just try to login via ssh root@127.0.0.1 - it will not log you in with your password.


OK, I get it now, thanks to http://h30499.www3.hp.com/t5/Secure-OS- ... wMykPFb9hE
I thought that without-password was enabling root login without any sort of authentication. I agree it is a naive view on my part, but to a paranoid mind, the sshd man page was not that reassuringly clear.

doktor5000 wrote:Logs are getting written to the journal, you can query them via e.g. for all log entries for this boot
Code:
journalctl -a -b -u sshd

You may need to add your user to the group if you don't want to get root to query the logs: https://wiki.mageia.org/en/Mageia_4_Errata#journalctl


Thanks for pointing that to me, I'll have a look into it.
albahtaar
 
Posts: 2
Joined: Feb 17th, '14, 19:54
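
The PermitRootLogin point discussed above, as an added example that is not part of the original thread: a script that reads sshd_config text, applies sshd's rule that the first value found for a keyword wins, and says what that value means for root. The function names and the sample config are constructed for illustration, Include files are not followed, and on a live host `sshd -T` (run as root) prints the effective configuration directly.

```shell
#!/bin/sh
# Added example: read sshd_config text on stdin and report what the global
# PermitRootLogin setting allows. Function names are hypothetical.

# Print the first global PermitRootLogin value, lower-cased; empty if unset.
# sshd uses the first value it finds for a keyword, and keywords are
# case-insensitive. Lines after a Match keyword apply only conditionally.
root_login_setting() {
    awk '
        { sub(/#.*/, ""); sub(/=/, " "); gsub(/"/, "") }  # comments, key=value, quotes
        NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); exit }
    '
}

# Translate a PermitRootLogin value into what it means for the root account.
describe_root_login() {
    case "$1" in
        yes) echo "root may log in with any enabled method, passwords included" ;;
        without-password|prohibit-password)
            echo "root password and keyboard-interactive logins refused; public key still accepted" ;;
        forced-commands-only)
            echo "root public key login only, and only for keys with a forced command" ;;
        no) echo "root may not log in" ;;
        "") echo "not set globally; the compiled-in default of this sshd version applies" ;;
        *)  echo "unrecognised value: $1" ;;
    esac
}

# Read a config on stdin and print the verdict.
audit_root_login() {
    describe_root_login "$(root_login_setting)"
}

# Constructed sample input, not taken from a real host.
SAMPLE_CONFIG='# constructed sample sshd_config
Port 22
#PermitRootLogin yes
permitrootlogin without-password
PermitRootLogin yes
Match User backup
    PermitRootLogin forced-commands-only
'

printf '%s' "$SAMPLE_CONFIG" | audit_root_login
```

To check a real file, pipe it in instead of the sample: `audit_root_login < /etc/ssh/sshd_config`.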

Re: sshd logs

Postby doktor5000 » Feb 18th, '14, 20:58

Please mark the thread accordingly by editing the topic of the first post and prefix it by [SOLVED], thanks
doktor5000
 
Posts: 18052
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

