Re: deprecated options in openssh
On Sat 11 Sep 2021 at 16:02:30 (-0400), Greg Wooledge wrote:
> On Sat, Sep 11, 2021 at 02:44:13PM -0500, David Wright wrote:
> > As I understood the OP's first reply (to yourself), there are
> > remote logs available, not logged locally but sent by email:
> >
> > "/usr/sbin/logwatch --detail low --mailto xxx@domain.com"
>
> I don't know anything about logwatch. But if your premise is correct,
> and logs are being collected onto a central machine and then processed
> and ending up in the central machine's /var/log/syslog file, that
> would be equivalent to having syslog() and syslogd set up for remote
> logging -- just with extra steps and delays.
Yes, I don't know whether that's possible or not.
> This would certainly explain how sshd startup complaints from machine X
> are ending up in the /var/log/syslog file on machine Y.
>
> You'd think the OP would know about this, if they did in fact set up
> such a thing.
If that's what's happening, I'd agree. But after a gap of a month,
a /var/log/syslog extract from who knows where, and the introduction
of containers into the mix, I haven't really bothered to follow how
their machine(s) is/are configured. The info is too piecemeal.
Are X and Y parts of the same machine?
I was under the impression that some information about a client's
configuration might be read by the server (a lot with DEBUG3), and
logged. It is, but those configuration options are not amongst it.
Cheers,
David.
Reply to: