How to log every login (SSH) on FreeBSD

ssh login logging freebsd

Solution 1:

The default is to log to the AUTH facility. You can change the facility that sshd logs to with the SyslogFacility configuration option. 

SyslogFacility LOCAL7

Then configure your syslogd to write local7.* to it's own file by adding 

local7.*     /var/log/local7.log

to the syslogd configuration file. Tell syslogd to reread it's config file by sending it a HUP signal do the same for sshd and you should have sshd messages being sent to it's own file.

Solution 2:

I stumbled upon this blog-post that describes multiple solutions to my question. Among other things it mentions log-parsing and, interestingly, PAM scripting through pam_exec. This enables me to run my own script on every login.

I think this is the most flexible solution to my problem, although Iain's previous answer probably is less invasive and also solves my problem.

Related

Mass delete mapped & local printers
What Group Policy settings MUST be set within the Default Domain Policy?
Why VPN when I can just use SSH keys?
how to check connectivity to server by windows tools?
Why does chef list my node name as "localhost"?
How do I Increase the log level of Fetchmail?
kvm low io performance
SAN or NAS 100-200TB - where to start looking? [closed]
SSL Library Error: 218570875 error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
CentOS disable filesystem check: superblock last mount time is in the future
Unable to receive any emails using postfix, dovecot, mysql, and virtual domain/mailboxes
Why can't I navigate Active Directory within Powershell?