Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

good tty logging #25

Open
job opened this issue Dec 1, 2011 · 3 comments
Open

good tty logging #25

job opened this issue Dec 1, 2011 · 3 comments
Assignees
@rodecker

Comments

@job
Copy link
Member

job commented Dec 1, 2011

All shell command's and as much as possible should be logged (over encrypted connection) to one or two masterservers and be stored for future reference in case of abuse.
@rodecker
Copy link
Member

rodecker commented Dec 3, 2011

Rootsh (http://sourceforge.net/projects/rootsh/) looks like a good candidate for this. It logs all user commands and output, and throws it to syslog.

Things that would need to be done to deploy this:

  • create debian package
  • configure syslog-ng to use TLS encryption and authentication (not a bad idea anyway)
  • set rootsh -i as login shell for all users
  • layer 9 foo to deal with legal implications

@ghost ghost assigned rodecker Dec 4, 2011
@ebzao
Copy link

ebzao commented Dec 15, 2011

http://manpages.ubuntu.com/manpages/maverick/man8/pam_tty_audit.8.html could do the job of tty logging. But it doesn't log output of commands.

@rodecker
Copy link
Member

pam_tty_audit is not available on Ubuntu. Acct does the equivalent.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rodecker rodecker

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@job @rodecker @ebzao