SSH log file location |
您所在的位置:网站首页 › qnap sshd › SSH log file location |
|
Hi,
I've opened ssh (the qnap's internal sshd) to the internet and I can see root ssh login fail messages in the system log. I've configured ssh to only accept key authentication.
I can't cause that message in the log myself when passwords are disabled - it seems like the attacker scripts are using some non-standard method to force password-based authentication although it is disabled.
Code: Select all $ cat /etc/config/ssh/sshd_config Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key PermitRootLogin no UseDNS no Subsystem sftp /usr/libexec/sftp-server AllowTcpForwarding no AllowUsers admin # another administrator's name censored Banner /etc/config/ssh/banner.txt PasswordAuthentication no ChallengeResponseAuthentication no HostbasedAuthentication no UsePAM no X11Forwarding noCode: Select all $ sshd --version unknown option -- - OpenSSH_8.0p1, OpenSSL 1.0.2k 26 Jan 2017 usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time] [-h host_key_file] [-o option] [-p port] [-u len] I have a TS-228, firmware version 4.3.6.0993.Where can I find a more verbose log? /var/log/auth.log doesn't exist. I tried setting LogLevel VERBOSE, but the qnap's log still doesn't show any more information. |
| CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |