Hello *, for security logging purposes, I would like to record the actual remote port an ssh connection uses after the connection has been established. Could someone kindly point me to the part of the ssh client source code where such information is available? kind regards, Uwe Veiel ---------------------------------------------------------- Siemens Business Services GmbH & Co OHG SBS ORS GD AHS CC32 Interne Tools
On Fri, Dec 12, 2003 at 01:57:45PM +0100, Veiel Uwe wrote:> Hello *, > > for security logging purposes, I would like to record the actual > remote port an ssh connection uses after the connection has been > established. Could someone kindly point me to the part of the ssh > client source code where such information is available?Something like that? ## Which debug message are we interested in? chris at pi2105:~/openssh-3.7p1$ ssh -v SOME_HOST_NAME (...) debug1: Connection established. (...) ## Where is it generated? chris at pi2105:~/openssh-3.7p1$ grep -n "\"Connection established" *.c sshconnect.c:418: debug("Connection established."); Chris -- Caution. Blade is sharp. Keep out of children.
Veiel Uwe wrote:> for security logging purposes, I would like to record the> actual remote port an ssh connection uses after the connection > has been established. Could someone kindly point me to the part > of the ssh client source code where such information is> available?You mean the other end of the TCP connection to the server's port 22? That is already logged to wherever syslog is configured to go to (see LogLevel and SysLogFacility in "man sshd_config"), eg: Dec 13 00:18:52 gate sshd[12258]: Accepted password for dtucker from 192.168.1.1 port 54496 ssh2 -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Apparently Analagous Threads
- [Bug 893] With Reliant Unix (5.44/5.45) a connection fails if the host isnt known in DNS
- Problems with Ad and Winbind
- [PATCH 18/18] arm64: lto: Strengthen READ_ONCE() to acquire when CLANG_LTO=y
- [PATCH v3 19/19] arm64: lto: Strengthen READ_ONCE() to acquire when CONFIG_LTO=y
- fax server functionality on Asterisk