• Configuring SFTP operation logging on CentOS


    Excerpted and revised from: https://www.cnblogs.com/kgdxpr/p/7169333.html

    See the sftp-server man page: http://man.he.net/man8/sftp-server

    0. man SFTP-SERVER

    First, get familiar with the sftp-server options.

    1. Modify the ssh configuration

    vi /etc/ssh/sshd_config

    Around line 146, change the configuration as follows:

    Subsystem sftp /usr/libexec/openssh/sftp-server -l DEBUG3 -f local5
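    Here -l sets the log level and -f sets the syslog facility; for details on the sftp-server options, see 'man SFTP-SERVER'. Per the man page, INFO and VERBOSE already log the transactions sftp-server performs on behalf of the client, and the DEBUG levels add debugging output on top of that.

    Note: if the file already contains the following configuration, comment it out first

    2. Modify the rsyslog configuration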

    vi /etc/rsyslog.conf

    Append the following configuration at the end:

    auth,authpriv.*;local5.* /var/log/sftp.log

    3. Restart the services

    service rsyslog restart
    service sshd restart

    4. View the log

    tail -f /var/log/sftp.log

    Set the directory after login to /root
    
    
    // Open xftp; connecting to 192.168.25.72 produces no log. After setting the password, the log is as follows
    Mar 10 11:42:58 localhost sshd[6189]: Accepted password for root from 192.168.25.24 port 59725 ssh2
    Mar 10 11:42:59 localhost systemd-logind: New session 27 of user root.
    Mar 10 11:42:59 localhost sshd[6189]: pam_unix(sshd:session): session opened for user root by (uid=0)
    Mar 10 11:42:59 localhost sftp-server[6193]: session opened for local user root from [192.168.25.24]
    Mar 10 11:42:59 localhost sftp-server[6193]: received client version 4
    Mar 10 11:42:59 localhost sftp-server[6193]: realpath "."
    Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 0: sent names count 1
    Mar 10 11:42:59 localhost sftp-server[6193]: opendir "/root"
    Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 2: sent handle handle 0
    Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 3: readdir "/root" (handle 0)
    Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 3: sent names count 44
    Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 4: readdir "/root" (handle 0)
    Mar 10 11:42:59 localhost sftp-server[6193]: sent status End of file
    Mar 10 11:42:59 localhost sftp-server[6193]: closedir "/root"
    Mar 10 11:42:59 localhost sftp-server[6193]: sent status Success
    
    
    // Log after closing the xftp window directly, without navigating anywhere
    Mar 10 11:43:10 localhost sftp-server[6193]: debug1: read eof
    Mar 10 11:43:10 localhost sftp-server[6193]: session closed for local user root from [192.168.25.24]
    Mar 10 11:43:10 localhost sshd[6189]: pam_unix(sshd:session): session closed for user root
    Mar 10 11:43:10 localhost systemd-logind: Removed session 27.
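
Added example, not part of the original post: Python that reads the /var/log/sftp.log format captured above and attributes each file operation to the user and client address of its sftp-server session, keyed by PID. The function name `audit` and the regular expressions are this example's own assumptions; the sample lines are copied from the capture on this page.

```python
import re

# Log lines copied from the capture on this page.
SAMPLE = """\
Mar 10 11:42:58 localhost sshd[6189]: Accepted password for root from 192.168.25.24 port 59725 ssh2
Mar 10 11:42:59 localhost sftp-server[6193]: session opened for local user root from [192.168.25.24]
Mar 10 11:42:59 localhost sftp-server[6193]: realpath "."
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 0: sent names count 1
Mar 10 11:42:59 localhost sftp-server[6193]: opendir "/root"
Mar 10 11:42:59 localhost sftp-server[6193]: debug1: request 3: readdir "/root" (handle 0)
Mar 10 11:42:59 localhost sftp-server[6193]: sent status End of file
Mar 10 11:42:59 localhost sftp-server[6193]: closedir "/root"
Mar 10 11:43:10 localhost sftp-server[6193]: session closed for local user root from [192.168.25.24]
"""

# timestamp, host, sftp-server[PID], message
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sftp-server\[(\d+)\]: (.*)$")
OPENED = re.compile(r"^session opened for local user (\S+) from \[([^\]]+)\]")
CLOSED = re.compile(r"^session closed for local user ")
# Operation lines start with a verb and quote the path; debug1/"sent status" lines do not match.
OPERATION = re.compile(r'^(\w+)(?: \w+)? "([^"]*)"')

def audit(text):
    """Return (events, open_sessions); each event is (time, user, ip, op, path)."""
    sessions, events = {}, []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # sshd, systemd-logind and other non-sftp-server lines
        when, pid, msg = m.groups()
        opened = OPENED.match(msg)
        if opened:
            sessions[pid] = opened.groups()  # a reused PID simply starts a new session
        elif CLOSED.match(msg):
            sessions.pop(pid, None)
        else:
            op = OPERATION.match(msg)
            if op:
                # Unknown PID: the session-opened line is missing (e.g. rotated away)
                user, ip = sessions.get(pid, ("?", "?"))
                events.append((when, user, ip, op.group(1), op.group(2)))
    return events, sessions

if __name__ == "__main__":
    for event in audit(SAMPLE)[0]:
        print(*event)
```

Sessions still present in the second return value had no matching "session closed" line in the input.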
  • Original URL: https://www.cnblogs.com/LiuYanYGZ/p/12454795.html