Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 13, 2007, 10:47 pm
rate this thread
SOCKS via OpenSSH? I've noticed that my server's bandwidth has gone
up considerably and a few of my users are idle (or running a minimal
task to avoid the timeout) and assume they are proxying, but I cannot
Whether its in source/destination format, bandwidth used, time spent
or even IF someone is using it, I'd like to log it in some fashion.
I would prefer it logged via OpenSSH primarily, if not, a seperate
program can be installed for logging.
Re: SOCKS over OpenSSH Logging?
If you set LogLevel DEBUG1 or higher in sshd_config (and restart sshd)
then you will get a server_request_direct_tcpip log entry with
destination address and port for each port forward request (I don't
think it logs the traffic volume, though).
Note that if your users have shell access, this isn't the only way of
relaying and this will not catch those. See if your platform supports
a way of accounting for all users' traffic to catch those.
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- » Remote SSH problem - connection closed by remote host
- — Previous thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum