Alcatel Unleashed

The #1 Worldwide board for technical support on Alcatel-Lucent Voice & Data gear.
https://alcatelunleashed.com/

Show SSH login user

https://alcatelunleashed.com/viewtopic.php?t=30132

Page 1 of 1

Show SSH login user

Posted: 28 Oct 2019 23:13
by eugene
OS6450's SSH logs don't show which user is logged in.

Code: Select all

THU OCT 24 16:18:31 2019 SSH info Session 46 New SSH Connection from 10.1.1.1 port 55522
OS6900's SSH logs does show the username.

Code: Select all

2019 Oct 24 15:39:18.861 stack sshd[9864] Received publickey for eugene from 10.1.1.1 port 56426 ssh2
Does anyone have a clue how to make OS6450 emit the username? I tried these methods to no avail:
1. Enable "aaa switch-access mode enhanced"
2. Enabling "debug" mode on the logging mechanism on certain apps

On debug logs in (2), is there a way to enable debug mode for ALL applications? I found a unwritten command "swlog console level" to set the log level for the console but can't find a similar one for all apps.

Code: Select all

-> show swlog
Operational Status                    : On,
Log Device 1                          : flash,
Log Device 2                          : console,
Syslog FacilityID                     : local0(16),
Remote command-log                    : Disabled,
Console Display Level                 : debug1 (7),
All Applications Not Shown Level      : info (6)


Thanks in advance!

Re: Show SSH login user

Posted: 28 Oct 2019 23:26
by eugene
"swlog appid ssh level debug1" turns on debug1 mode for SSH but it generates over 300 lines per login just for the following line. Too verbose!.

Code: Select all

TUE OCT 29 11:22:03 2019            SSH  debug1 [SSH 32] userauth-request for user eugene service ssh-connection method publicke
TUE OCT 29 11:22:03 2019            SSH  debug1 [Count.]y
Any tips on how to get the username without needing this level of verbosity?

On a separate note, it seems that there are many "secret CLI commands" that are not listed in the CLI Reference Guide.

Re: Show SSH login user

Posted: 29 Oct 2019 02:05
by silvio
use for this the command-log feature.
regards
Silvio

Re: Show SSH login user

Posted: 31 Oct 2019 21:30
by eugene
Thanks Silvio! Is there any way to print the userid in "show log swlog" like what the OS6900 outputs?

Re: Show SSH login user

Posted: 01 Nov 2019 01:37
by silvio
I do not know any way. I use the command-log for it.
regards
Silvio

Re: Show SSH login user

Posted: 01 Nov 2019 21:23
by eugene
My security team is ok with piecing together "show log swlog" and "show command-log" so I found my solution. Thank you again Silvio.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited