Log SSH activity

ssh log

Maybe you can make sshd use a logging shell like rootsh?


You can try with snoopy. After you install it, will logs all input command that calls execve to syslog. you'll only find it in the repos for hardy and precise.

You can install it from here.


I don't think SSHD logs commands while the user is logged in.

you can check who logged in by checking

/var/log/auth.log

and cross reference it to their history

/home/sshuser/.bash_history

history will have commands local or remote though.


I have a similar problem and wrote the tool log-user-session which stores all shell output into a root-only accessible session log file. It can be enabled via forced command on sshd_conf or ~/.ssh/authorized keys (see documentation).

Related

Desktop login fails, terminal works
How to enable Alt-Gr on Ubuntu 16.04?
after 12.04 upgrade: can't log in although password is correct
How to start apps always on specific display?
Why are there two icons in the Unity launcher for Nautilus?
How to obtain entity/spawner data from a server
What amount of resources do you get back for aborting a currently building damaged building?
Minecraft PE won't let me build or break blocks or open chests, how do I fix this?
Who are the bosses shown in the Trophy Room?
How do I change the weapons of the other characters I hang out with?
Unexpected Error with Login Session - haven't been able to login for weeks
How do I change one of the enchantment levels of an item to a scoreboard value