Why isn’t SFTP logging working?

by

I’m missing something simple, I think, with SFTP logging.

Subsystem sftp internal-sftp -f AUTH -l INFO

also, I’ve got

Match Group customers
#   ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no

so note this isn’t a chroot problem. What I see in the logs are

May  9 15:48:32 oc8703477275 sshd[22927]: pam_unix(sshd:session): session opened for user customer by (uid=0)
May  9 15:48:42 oc8703477275 sshd[22927]: pam_unix(sshd:session): session closed for user customer

I ran sshd -ddd and rsyslog -dn so I could see the chatter. After the login, both sshd and rsyslog are quiet while I change directories, move files around, etc — and obviously none of that is being logged.

Where should I look?

update Martin provided the bingo. It looks like the ForceCommand overrides the settings on subsystem. Adding the -l INFO there fixed it.

Answer

Attribution
Source : Link , Question Author : Woody Weaver , Answer Author : Community

Leave a Comment