Configuring SFTP operation logs on CentOS


Excerpted and revised from: https://www.cnblogs.com/kgdxpr/p/7169333.html

Reference, the sftp-server man page: http://man.he.net/man8/sftp-server

0. man sftp-server

First get familiar with the sftp-server options.

1. Modify the ssh configuration

vi /etc/ssh/sshd_config

Around line 146, change the configuration as follows

Subsystem sftp /usr/libexec/openssh/sftp-server -l DEBUG3 -f local5
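For details on the sftp-server options (-l sets the log level, -f sets the syslog facility), see 'man sftp-server'.

Note: if the following configuration already exists in the file, comment it out first

2. Modify the rsyslog configuration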

vi /etc/rsyslog.conf

Append the following configuration at the end of the file

auth,authpriv.*,local5.* /var/log/sftp.log

3. Restart the services

service rsyslog restart
service sshd restart

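4. View the log

tail -f /var/log/sftp.log

Set the directory after login to /root


// Opening xftp and connecting to 192.168.25.72 produces no log; the log after setting the password is as follows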
Mar 10 11:42:58 localhost sshd[6189]: Accepted password for root from 192.168.25.24 port 59725 ssh2
Mar 10 11:42:59 localhost systemd-logind: New session 27 of user root.
Mar 10 11:42:59 localhost sshd[6189]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar 10 11:42:59 localhost sftp-server[6193]: session opened for local user root from [192.168.25.24]
Mar 10 11:42:59 localhost sftp-server[6193]: received client version 4
Mar 10 11:42:59 localhost sftp-server[6193]: realpath "."
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 0: sent names count 1
Mar 10 11:42:59 localhost sftp-server[6193]: opendir "/root"
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 2: sent handle handle 0
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 3: readdir "/root" (handle 0)
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 3: sent names count 44
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 4: readdir "/root" (handle 0)
Mar 10 11:42:59 localhost sftp-server[6193]: sent status End of file
Mar 10 11:42:59 localhost sftp-server[6193]: closedir "/root"
Mar 10 11:42:59 localhost sftp-server[6193]: sent status Success


// Log after closing the xftp window directly, without changing directory
Mar 10 11:43:10 localhost sftp-server[6193]: debug1: read eof
Mar 10 11:43:10 localhost sftp-server[6193]: session closed for local user root from [192.168.25.24]
Mar 10 11:43:10 localhost sshd[6189]: pam_unix(sshd:session): session closed for user root
Mar 10 11:43:10 localhost systemd-logind: Removed session 27.
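
The following Python script is an added example, not part of the original post. It groups the sftp-server lines in /var/log/sftp.log by PID into per-session audit records (user, client IP, start and end time, operations), so that each file operation can be attributed to a login. SAMPLE holds lines copied from the log output above; the function name audit, and the optional keyword allowed before the quoted path (for message formats not shown on this page), are assumptions.

```python
import re

# Lines copied from the log output shown above (sftp-server PID 6193).
SAMPLE = """\
Mar 10 11:42:59 localhost sftp-server[6193]: session opened for local user root from [192.168.25.24]
Mar 10 11:42:59 localhost sftp-server[6193]: received client version 4
Mar 10 11:42:59 localhost sftp-server[6193]: realpath "."
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 0: sent names count 1
Mar 10 11:42:59 localhost sftp-server[6193]: opendir "/root"
Mar 10 11:42:59 localhost sftp-server[6193]: closedir "/root"
Mar 10 11:42:59 localhost sftp-server[6193]: sent status Success
Mar 10 11:43:10 localhost sftp-server[6193]: debug1: read eof
Mar 10 11:43:10 localhost sftp-server[6193]: session closed for local user root from [192.168.25.24]
"""

LINE = re.compile(r'^(\w{3}\s+\d+ [\d:]{8}) \S+ sftp-server\[(\d+)\]: (.*)$')
OPENED = re.compile(r'^session opened for local user (\S+) from \[([^\]]+)\]$')
CLOSED = re.compile(r'^session closed for local user ')
# verb "path"; the optional keyword before the path is an assumption for
# message formats that do not appear in the log on this page.
OPERATION = re.compile(r'^([a-z]+)(?: \w+)? "([^"]*)"')

def audit(text):
    """Group sftp-server lines by PID into per-session audit records."""
    sessions = {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # sshd, systemd-logind and other lines
        ts, pid, msg = m.groups()
        if msg.startswith("debug"):
            continue                      # DEBUG3 protocol noise, not operations
        s = sessions.setdefault(
            pid, {"user": None, "ip": None, "start": None, "end": None, "ops": []})
        if (o := OPENED.match(msg)):
            s.update(user=o.group(1), ip=o.group(2), start=ts)
        elif CLOSED.match(msg):
            s["end"] = ts
        elif (op := OPERATION.match(msg)):
            s["ops"].append((ts, op.group(1), op.group(2)))
    return sessions

if __name__ == "__main__":
    for pid, s in audit(SAMPLE).items():
        print(pid, s["user"], s["ip"], s["start"], "->", s["end"])
        for ts, verb, path in s["ops"]:
            print("   ", ts, verb, path)
```

A session whose record has no end time is either still open or was logged without its closing line, which is worth checking when reviewing the log.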

 

