Question & Answer
Question
How to configure sftp to log the name, location, and size of the transferred files
Answer
Configure the
Test the following from an sftp client.
sshd_config
file to log information to syslog.
#vi /etc/ssh/sshd_config
Locate the following line:
Subsystem sftp /usr/sbin/sftp-server
Add the following parameters "-l INFO -f AUTH" at the end:
Subsystem sftp /usr/sbin/sftp-server -l INFO -f AUTH
Save the /etc/ssh/sshd_config file.
Configure syslog to record information from sftp-server.
#vi /etc/syslog.conf
Add the following line in syslog.conf
auth.info /tmp/sftp.log
Save the file /etc/syslog.conf, create the log file, and refresh syslogd.
#touch /tmp/sftp.log
#refresh -s syslogd
Restart sshd daemon.
#stopsrc -s sshd
#startsrc -s sshd
NOTE: While stopping and starting sshd, users will not be able create new connections. Existing connections will not be disconnected.
Test the following from an sftp client.
#sftp user@<server-name>
password: <Enter Password>
<sftp>cd /
<sftp>put motd
In the syslog, you should see logged information similar to the following output, which includes the file name and size.
Oct 8 11:29:07 greybso auth|security:info sftp-server[372922]: open "/motd" flags WRITE,CREATE,TRUNCATE mode 0666 Oct 8 11:29:07 greybso auth|security:info sftp-server[372922]: close "/motd" bytes read 0 written 880
[{"Product":{"code":"SWG10","label":"AIX"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Not Applicable","Platform":[{"code":"PF002","label":"AIX"}],"Version":"5.3;6.1;7.1","Edition":"Standard","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Product":{"code":"SWG10","label":"AIX"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Not Applicable","Platform":[{"code":"PF002","label":"AIX"}],"Version":"Version Independent","Edition":"Standard","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Was this topic helpful?
Document Information
Modified date:
04 December 2019
UID
isg3T1012933