Changing the location of sshd log, this will leave your syslog more clear

sábado, 21 de janeiro de 2012

Modify the sshd config file:

# vi /opt/ssh/etc/sshd_config

SysLogFacility LOCAL6

Now modify the syslogd config file:

# vi /etc/syslog.conf

local6.notice /var/adm/syslog/sshd.log


"notice" is the log level.

In the same config file you need say to don't log more in the syslog.log:

*.info;mail.none;local5.none;local6.none        /var/adm/syslog/syslog.log

Restart the sshd
Don't worry you won't miss your current connection.
/sbin/init.d/secsh stop
/sbin/init.d/secsh start


Restart the syslogd:
/sbin/init.d/syslogd stop
/sbin/init.d/syslogd start