openssh unix dev - Dec 2003 - Remote-Port

Hello *,

for security logging purposes, I would like to record the actual remote port an
ssh connection uses after the connection has been established. Could someone
kindly point me to the part of the ssh client source code where such information
is available?
 

kind regards,

Uwe Veiel
----------------------------------------------------------
Siemens Business Services GmbH & Co OHG
SBS ORS GD AHS CC32
Interne Tools

On Fri, Dec 12, 2003 at 01:57:45PM +0100, Veiel Uwe
wrote:
> Hello *,
>
> for security logging purposes, I would like to record the actual
> remote port an ssh connection uses after the connection has been
> established. Could someone kindly point me to the part of the ssh
> client source code where such information is available?
Something like that?

## Which debug message are we interested in?
chris at pi2105:~/openssh-3.7p1$ ssh -v SOME_HOST_NAME
(...)
debug1: Connection established.
(...)

## Where is it generated?
chris at pi2105:~/openssh-3.7p1$ grep -n "\"Connection
established" *.c
sshconnect.c:418:       debug("Connection established.");

	Chris

-- 
Caution.  Blade is sharp.  Keep out of children.

Veiel Uwe wrote:
> for security logging purposes, I would like to record the
 > actual remote port an ssh connection uses after the connection
 > has been established. Could someone kindly point me to the part
 > of the ssh client source code where such information
is
> available?
You mean the other end of the TCP connection to the server's port 22? 
That is already logged to wherever syslog is configured to go to (see 
LogLevel and SysLogFacility in "man sshd_config"), eg:

Dec 13 00:18:52 gate sshd[12258]: Accepted password for dtucker from 
192.168.1.1 port 54496 ssh2

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.