sftp - Logging file transfers

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Is it possible to log what files that are transfered with sftp.
When files are sent with ftp I log this in the xferlog file (on HP-UX).

I'm trying to migrate my clients into using sftp instead of ftp when
transfering files, but I need to log what files are transferred, from
where (IP, local username) they came, and when.

What about scp?

I use rssh to restrict my clients to scp and sftp only.

Stein Arne

Re: sftp - Logging file transfers

I'm answering my own post in the hope that it will be helpful to others.

Quoted text here. Click to load it

Yes, but you have to patch and recompile openssh.

Quoted text here. Click to load it

I've tested sftplogging from Sourceforge.net.

http://sftplogging.sourceforge.net /

1. download and expand openssh-x.x(.x)px source
2. download the patch and put it in the parent diretory of the openssh
   source directory
3. run "patch -p0 < openssh-x.x(.x)p.x.sftplogging.patch"
4. compile and install openssh

Now you can add the following parameters to your sshd_config file:
LogSftp yes    # The default is "no", so you _have_ to change this
SftpLogfacility # Default is AUTH, see /etc/syslog.conf for more info
SftpLogLevel    # Default is INFO
SftpUmask       # Set a global umask for sftp
SftpPermitChmod # Allow, or disallow chmod
SftpPermitChown # Allow, or disallow chown/chgrp

Stein Arne

Site Timeline