事象発生日:2018-05-15
記事公開日:2018-05-15
アクセス数:3922
SSHポートフォワーディング用のサーバーを構築中である.
OpenSSHでログインに使用した公開鍵を記録する.
Ubuntu Server 18.04 LTS
FUJITSU Server PRIMERGY TX1310 M3
4GB DDR4 x 1
2TB HDD x 1
/etc/ssh/sshd_configを編集し,ログレベルを変更する.
$ diff sshd_config sshd_config.backup.20180515 27c27 < LogLevel VERBOSE --- > #LogLevel INFO
構文チェックとサービス再起動.
$ sudo sshd -t $ sudo /etc/init.d/ssh restart
$ grep sshd /var/log/auth.log
...
May 15 07:29:59 ${host} sshd[1425]: Accepted publickey for ${user} from ${ip} port ${port} ssh2: RSA SHA256:${hash}
...
$ ssh-keygen -l -f ./.ssh/hoge.pub
2048 SHA256:${hash} ${clientUser}@${clientHost} (RSA)
これをログと突き合わせれば,SSHログインに使用された公開鍵がわかる.
以下のようにcronを登録.
なお,にあるように,cronでは%をエスケープしないといけないことに注意.
$ crontab -l
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
#
0 0 * * * grep sshd /var/log/auth.log > /home/${user}/log/sshd/$(date +\%Y\%m\%d_\%H\%M\%S).log
# */1 * * * * grep sshd /var/log/auth.log > /home/${user}/log/sshd/$(date +\%Y\%m\%d_\%H\%M\%S).log
名前
Email (※公開されることはありません)
コメント