Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No Log Entry, Subnet SSH Login

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • arrmoA Offline
      arrmo
      last edited by

      Hi,

      This may sound strange, but I don't want to log when I ssh in to my LAN port from the local subnet - as I have a remote application running that connects several times a minute, so I just fill my logs with ssh login entries.

      Is there a way to not log this (to system.log)?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • dennypageD Offline
        dennypage
        last edited by

        System->Advanced->Admin Access->WebGUI login messages

        1 Reply Last reply Reply Quote 0
        • arrmoA Offline
          arrmo
          last edited by

          Hi,

          This is for WebGUI login - does it also cover ssh login (not through GUI)?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • arrmoA Offline
            arrmo
            last edited by

            Hi,

            Actually, I'm OK logging sshd to auth, but I can't seem to change that (I change it, but pfSense overwrites it again). Does anyone know how to change this?

            Thanks!

            1 Reply Last reply Reply Quote 0
            • C Offline
              cmb
              last edited by

              You can edit the file /etc/sshd which is what generates the sshd_config and set it as desired.

              1 Reply Last reply Reply Quote 0
              • arrmoA Offline
                arrmo
                last edited by

                Hi,

                I can find how to change the syslog facility (option is SyslogFacility), but not the file itself … am I missing something?

                Thanks!!!

                1 Reply Last reply Reply Quote 0
                • arrmoA Offline
                  arrmo
                  last edited by

                  Hi,

                  OK, got it working! But an upgrade will remove this on me … :-(. Here is what I did (and thanks to this post for some key help! https://forum.pfsense.org/index.php?topic=6087.0),

                  1. The file I really need to change is /etc/ssh/sshd_config - but it is generated when sshd is started / restarted.
                  2. The script that builds / creates /etc/ssh/sshd_config is /etc/sshd - so I modified that file, as follows,
                            /* Hide FreeBSD version */
                            $sshconf .= "VersionAddendum none\n";
                            $sshconf .= "SyslogFacility local4\n"; <== This is what I added, just one line ... so sshd logs to the local4 facility (the one I chose).

                  Restarted sshd, and it worked! The log file is now the local4 facility (/var/log/portalauth.log, as noted in /etc/syslog.conf).

                  Is it possible to make this an option (syslog facility for sshd)?

                  Thanks!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.