SSH access logging/control

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
Post Reply
AndreDias

SSH access logging/control

Post by AndreDias »

I just installed DietPI in my newly acquired Raspberry Pi 2, due to it's amazing setup, functionalities, small size and footprint, and am loving it because it was precisely what I needed (great job!).

I was looking around for a way to log SSH connections/tries and implementing an IP blocking system and email notification, since I intend to have it accessible outside my local network, but, as far as I've seen, this is impossible with DropBear.
Is there a way I can do this with OpenSSH or through another method?

(I'm sorry if this was already asked/done, but the Forum search tool blocked every word I tried to use :lol: )

Thank you in advance!
Top
User avatar
Fourdee
Site Admin
Posts: 2781
Joined: Tue Feb 06, 2007 1:36 pm

Re: SSH access logging/control

Post by Fourdee »

AndreDias wrote:I just installed DietPI in my newly acquired Raspberry Pi 2, due to it's amazing setup, functionalities, small size and footprint, and am loving it because it was precisely what I needed (great job!).

I was looking around for a way to log SSH connections/tries and implementing an IP blocking system and email notification, since I intend to have it accessible outside my local network, but, as far as I've seen, this is impossible with DropBear.
Is there a way I can do this with OpenSSH or through another method?

(I'm sorry if this was already asked/done, but the Forum search tool blocked every word I tried to use :lol: )

Thank you in advance!
Hi Andre,

You will need to install OpenSSH server for your requirements. Also, i believe OpenSSH logs relies on syslog. So you will need to change your logging mode to "full". Once completed, the log file should be in /var/log/auth.log

Simply use DietPi-Software to change both your SSH server and Logging mode choices.

The OpenSSH server config is located here:
/etc/ssh/sshd_config

The available commands and settings are located here:
http://www.openbsd.org/cgi-bin/man.cgi/ ... shd_config

As for the email notification, I'am not sure. But for blocking, you could use denyuser and allowuser in the config:
http://www.linuxquestions.org/questions ... ts-323154/

Kind Regards,
Dan
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
Top
AndreDias

Re: SSH access logging/control

Post by AndreDias »

Thank you very much Dan, that worked perfectly!
Top
Post Reply

Return to “General Discussion”