No Log Entry, Subnet SSH Login
-
Hi,
This may sound strange, but I don't want to log when I ssh in to my LAN port from the local subnet - as I have a remote application running that connects several times a minute, so I just fill my logs with ssh login entries.
Is there a way to not log this (to system.log)?
Thanks!
-
System->Advanced->Admin Access->WebGUI login messages
-
Hi,
This is for WebGUI login - does it also cover ssh login (not through GUI)?
Thanks!
-
Hi,
Actually, I'm OK logging sshd to auth, but I can't seem to change that (I change it, but pfSense overwrites it again). Does anyone know how to change this?
Thanks!
-
You can edit the file /etc/sshd which is what generates the sshd_config and set it as desired.
-
Hi,
I can find how to change the syslog facility (option is SyslogFacility), but not the file itself … am I missing something?
Thanks!!!
-
Hi,
OK, got it working! But an upgrade will remove this on me … :-(. Here is what I did (and thanks to this post for some key help! https://forum.pfsense.org/index.php?topic=6087.0),
- The file I really need to change is /etc/ssh/sshd_config - but it is generated when sshd is started / restarted.
- The script that builds / creates /etc/ssh/sshd_config is /etc/sshd - so I modified that file, as follows,
/* Hide FreeBSD version */
$sshconf .= "VersionAddendum none\n";
$sshconf .= "SyslogFacility local4\n"; <== This is what I added, just one line ... so sshd logs to the local4 facility (the one I chose).
Restarted sshd, and it worked! The log file is now the local4 facility (/var/log/portalauth.log, as noted in /etc/syslog.conf).
Is it possible to make this an option (syslog facility for sshd)?
Thanks!