Redirect SSH logging to a text file, *without* using a commandline switch

General support questions
Post Reply
phil.e
Posts: 77
Joined: 2018/02/13 20:28:14

Redirect SSH logging to a text file, *without* using a commandline switch

Post by phil.e » 2020/07/14 17:58:53

How do I get the debug logs you get when using the "-vvv" switch with the ssh command "ssh -vvv username@remotehost" redirected to a text file rather than the users screen?

It's very distracting for the user to get all that extra output popping up on their screen whenever using ssh.

I'd like this to be totally transparent to the user, and not asking them to add any commandline switches when they use SSH.

I've tried adding the LogLevel line to ssh_config, but it clutters up their screen with log messages - it doesn't pipe anything to a file.

I'm assuming there must be a way to redirect these logs to a file, like using rsyslog.conf or something.

This is using CentOS 7.7.

Thanks

MartinR
Posts: 652
Joined: 2015/05/11 07:53:27
Location: UK

Re: Redirect SSH logging to a text file, *without* using a commandline switch

Post by MartinR » 2020/07/14 19:50:31

To answer the first part:

Code: Select all

$ ssh -vvv 2>logfile.log remote.host.name
for the second, try setting something along the lines of:

Code: Select all

function ssh { /bin/ssh -vvv 2>X "$@"; }
then invoke as

Code: Select all

$ ssh remote.host.name

phil.e
Posts: 77
Joined: 2018/02/13 20:28:14

Re: Redirect SSH logging to a text file, *without* using a commandline switch

Post by phil.e » 2020/07/14 20:06:40

Ok, maybe I wasn't clear. I don't want the end user to have to add anything to their commandline to get those debug logs.

I was hoping there was a way, like via rsyslog or something, to get ssh debug logs sent to a text file.

ssh_config has a LogLevel option but that sends the logs to the users screen, which I don't want to happen.

Unless I'm missing something I don't see any option in the ssh_config man page that lets you configure debug logs to be directed to a file without adding options to the commandline.

MartinR
Posts: 652
Joined: 2015/05/11 07:53:27
Location: UK

Re: Redirect SSH logging to a text file, *without* using a commandline switch

Post by MartinR » 2020/07/14 21:16:07

If you add the function definition to the the user's .bashrc then they will do nothing except use $ ssh.

Please note: the term "2>X" in the example should read "2>/path/to/log/file", it was a copy-and-paste from my test example!

phil.e
Posts: 77
Joined: 2018/02/13 20:28:14

Re: Redirect SSH logging to a text file, *without* using a commandline switch

Post by phil.e » 2020/07/16 00:50:44

Cool, that function thing seemed to work.
If I want to roll that back and get rid of it, how do I delete it? Where is it stored?
Does it work the same if the users standard shell is tcsh?

Post Reply

Return to “CentOS 7 - General Support”