[syslog-ng]Secure syslog-ng.

Scott A. McIntyre scott@xs4all.nl
Fri, 27 Apr 2001 06:37:40 +0200


Hi,

I was looking for a way to have a secured form of syslog-ng and the most
obvious way that came up (without playing IPSEC games) was to use SSH
with remote port forwarding.

After mucking about with the configurations for an hour (apparently,
destination and source descriptors take different syntax for specifying
a network connection -- annoyingly undocumented) I got things working
more or less as I'd like...however, I did notice that after a few
messages sent through this way OpenSSH would die (the main daemon
itself, not the one doing the port forwarding).

I know this may seem unrelated and the version of OpenSSH (2.3.0p1)
wasn't the most up to date (now upgraded) but this was repeatable
behaviour.  Has anyone else tried such a setup and noticed anything
curious about how things interact?

Any other solutions for a secured implementation of syslog-ng would also
be appreciated.  I think that this method will serve me well, after I
get the configurations all tweaked and tuned to operate properly.

Regards,

Scott