bergman on 25 Apr 2008 12:41:48 -0700 |
In the message dated: Fri, 25 Apr 2008 14:56:48 EDT, The pithy ruminations from "Mark Baker" on <[PLUG] logging/tailing ssh sessions> were: => => I have a quick question. If you want to watch an ssh session in real A quick question that has no quick answers. => time is there an easy way to do this? I=E2=80=99m thinking of a scenario => where Hmmm....if you're talking about "watching"' what someone with privileged access does, then the only thing I'd trust would be sniffing traffic at the network level, ie., configuring the network switch that connects to the server with port mirroring, and connecting another machine to that port as a passive tap. Alternatively, put in a hub between your network and the server, and attach a second machine to the hub to capture all the traffic. => you give temporary access to a vendor or another user, but you want to => keep an eye on what they are doing on the system. Well....if you don't trust them, then don't give them any access...or at least not privileged access. If you've got to give them acces, consider something like "sudosh", which can be configured to capture all the input & output of login sessions, and which can be used as the login shell. http://sudosh.sourceforge.net/README (yes, the project is basically dead, but the software still works very well). Mark "the other Mark" => => => => Mark => ----- Mark Bergman Biker, Rock Climber, Unix mechanic, IATSE #1 Stagehand http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=bergman%40merctech.com I want a newsgroup with a infinite S/N ratio! Now taking CFV on: rec.motorcycles.stagehands.pet-bird-owners.pinballers.unix-supporters 15+ So Far--Want to join? Check out: http://www.panix.com/~bergman ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|