Can I adjust the ssh daemon to log IP addresses instead of hostnames? I assume this situation is feasible... * 10.10.10.10 attempts to ssh to the server * reverse dns resolves to "somehost.domain.com" * ssh daemon logs "somehost.domain.com" in messages * foward dns on "somehost.domain.com" resolves to 10.10.10.20 Thus it causes some of my scripts a problem if the DNS resolutions don't match. It would be nice if it could just log IP addresses only. Thanks, Scott
On Mon, Jun 22, 2009 at 3:21 PM, Scott Moseman<scmoseman at gmail.com> wrote:> Can I adjust the ssh daemon to log IP addresses instead of hostnames?In sshd_config set UseDNS to no: UseDNS no Brett
Filipe Brandenburger
2009-Jun-22 19:34 UTC
[CentOS] Make sshd log IP addresses, not hostnames
Hi, On Mon, Jun 22, 2009 at 15:21, Scott Moseman<scmoseman at gmail.com> wrote:> Can I adjust the ssh daemon to log IP addresses instead of hostnames?You can disable all DNS lookups by adding this line to /etc/ssh/sshd_config: UseDNS no This will probably accomplish what you want.> I assume this situation is feasible... > * 10.10.10.10 attempts to ssh to the server > * reverse dns resolves to "somehost.domain.com" > * ssh daemon logs "somehost.domain.com" in messages > * foward dns on "somehost.domain.com" resolves to 10.10.10.20 > Thus it causes some of my scripts a problem if the DNS resolutions > don't match. ?It would be nice if it could just log IP addresses only.I believe the OpenSSH server will only log and use domain names if the forward DNS matches the reverse DNS, otherwise it will probably log the IP only (as if there was no reverse DNS for the IP) and maybe even log a warning that forward and reverse do not match. I haven't tested that recently, but that is how I would expect sshd to work... HTH, Filipe