openssh unix dev - Dec 2020 - sftp and wtmp support

Heikki Orsila wrote:
> My client uses wtmp information to determine past logins though ssh into
> their production environment. It seems sftp does not write into wtmp, and
> thus, it is not possible to list past sftp sessions. To make this happen
> I can see several options:
>
> 1. We write a custom tool to analyze auth.log to determine past sessions.
> This is not useful for ssh community in general.
I am scanning the /var/log/auth.log file for this information.  That's
where the information is logged.

Bob

On Wed, Dec 02, 2020 at 02:08:26PM -0700, Bob Proulx
wrote:
> Heikki Orsila wrote:
> > My client uses wtmp information to determine past logins though ssh
into
> > their production environment. It seems sftp does not write into wtmp,
and
> > thus, it is not possible to list past sftp sessions. To make this
happen
> > I can see several options:
> >
> > 1. We write a custom tool to analyze auth.log to determine past
sessions.
> > This is not useful for ssh community in general.
> 
> I am scanning the /var/log/auth.log file for this information.  That's
> where the information is logged.
Do you have this tool available somewhere?

A configuration option to instruct sshd to write to wtmp no matter what 
session is in question would be useful.

Is there an objection from the developers to have this kind of option?

-- 
Heikki Orsila
heikki.orsila at zakalwe.fi
http://www.iki.fi/shd