Chroot SFTP Session Logging

Hi All,

I have configured my SLES 11 SP 1 server to perform chrooted SFTP session which works fine. I’m trying get internal-sftp to log the actual sftp session. Has anyone been able to do this or can anyone point me to a doc. that contains the info.

Currently my /etc/ssh/sshd_config looks has the following:

Subsystem sftp internal-sftp -f AUTH -l VERBOSE

Match group sftponly
ChrootDirectory /u01/sftp-chroot/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp -f AUTH -l VERBOSE


After doing a bit more research, all I had to do was create a domain socket in each chroot user directory. I am using syslog-ng for system logging:

mkdir /u01/sftp-chroot//dev

syslog-ng -a /u01/sftp-chroot//dev/log

Then modify /etc/syslog-ng/syslog-ng.conf to channel the sftp session logs to wherever you want.