Kommentare zu: How to log history and logins from multiple ssh-keys under one user account

Von: Reiner030

Reiner030 — Thu, 29 Jan 2015 21:26:51 +0000

ah 2nd…
SSH_USER can make problems when ssh login to another server is made because this ENV is used as remote username when connecting.

=> Rename the variable to LC_SSH_USER and you have no problems… AND… it’s accepted by package default:

# grep LC /etc/ssh/sshd_config
AcceptEnv LANG LC_*

Bests 😉

Von: Reiner030

Reiner030 — Tue, 20 Jan 2015 11:12:22 +0000

This works fine and cannot be modified by users (files must be executable):

/etc/profile.d/ssh.csh:
if [ „$SSH_USER“ != „“ ]; then
logger -ip auth.notice -t sshd „Accepted publickey for $SSH_USER“
setenv HISTFILE „$HOME/.history_$SSH_USER“
fi

/etc/profile.d/ssh.sh:
if [ „$SSH_USER“ != „“ ]; then
logger -ip auth.notice -t sshd „Accepted publickey for $SSH_USER“
export HISTFILE=“$HOME/.bash_history_$SSH_USER“
fi

Bests

Von: Alex Bevan

Alex Bevan — Wed, 19 Mar 2014 11:57:53 +0000

PermitUserEnvironment yes

^ is this not a massive security risk.

Enabling environment processing may enable users to
bypass access restrictions in some configurations using
mechanisms such as LD_PRELOAD.

Von: Multiple SSH keys, one account | nimic.net

Multiple SSH keys, one account | nimic.net — Fri, 27 Sep 2013 14:46:50 +0000

[…] http://www.screenage.de/blog/2012/02/10/how-to-log-history-and-logins-from-multiple-ssh-keys-under-o… […]

Von: Martin Mörner

Martin Mörner — Wed, 05 Sep 2012 08:17:40 +0000

You can use the the .bashrc or the more default .bash_profile

Von: Yvan

Yvan — Tue, 04 Sep 2012 21:22:12 +0000

Hi,

I’m wondering to know where you put your small script for the logging ?

Is it in the /etc/profile ? /etc/ssh/sshrc, or another place ?

Thanks