[syslog-ng]where docs on *REMOTE* logging using ssh??

seberino@spawar.navy.mil seberino@spawar.navy.mil
Tue, 4 Feb 2003 16:24:07 -0800


Nate

Thanks.  This is all good info.  From what you've
said I'm sure stunnel is easier and better for this
little job.  My only hesitation in using all these
handy little lesser known tools is whether they
have the same auditing/inspection of their
source code like openssh does.

OpenSSH is very widely used and many people analyze
the code for defects daily.  It is widely trusted
and from a reputable source (OpenBSD guys).  It would
be safe and useful to invest my time in openssh
since it will be around forever.... I don't know
about stunnel though.

Then again what do I know?...

Chris

P.S. I'm still surprised syslog-ng has no docs on
remote logging and even docs for using syslog-ng with
ssh or stunnel are hard to come by.

On Tue, Jan 28, 2003 at 01:05:48PM -0800, Nate Campi wrote:
> On Tue, Jan 28, 2003 at 11:57:14AM -0800, Nate Campi wrote:
> > 
> > The right place to start is with your (openssh) authorized_keys file
> > having settings like this:
> > 
> > no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-dss
> > AAAAB3N... syslog-ng@remotehost "logging account only"
> 
> Haha, I crack myself up. I actually put in "no-port-forwarding" when
> answering a post about using ssh for just such a purpose. What a dufus.
> 
> Anyways, the rest of what I said still applies. :)
> 
> HINT: if you use ssh and want it to reconnect, set it up under
> daemontools <URL:http://cr.yp.to/daemontools.html> so that when it dies
> it starts right back up, and the output is properly logged with multilog
> (assuming you set up logging, which you should). Also look into forced
> commands if you want better security. You won't be forwarding straight
> into syslog-ng, but you'll rest better knowing you're doing as much as
> you can to prevent misuse of this account.
> 
> Did I mention that stunnel makes it so you don't need to worry about all
> this?
> -- 
> Nate Campi   http://www.campin.net 
> 
> Without C, We would only have Pasal, Basi, and obol
> 
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

-- 
_______________________________________

Dr. Christian Seberino
SPAWAR Systems Center San Diego
Code 2872
San Diego, CA 92152-6147
U.S.A.

Phone: (619) 553-9973
Fax:
Email: seberino@spawar.navy.mil
_______________________________________