Is it possible for a user to access an Ubuntu server without triggering a log entry of their information in /var/log/auth.log or /var/log/syslog ?
Is it possible for a user to access an Ubuntu server without triggering a log entry of their information in /var/log/auth.log or /var/log/syslog ?
CPU:AMD Turion(tm) 64 X2 Mobile Technology TL-52*slot: Socket S1,1600MHz*RAM: DIMM DDR2 667 MHz X 2 1GB*HDISK: Western Digital ATA Disk (320GB)*video: nVidia Geforce Go 6150 clock: 66MHz*wifi: Broadcom Corporation BCM4311
eth0: nVidia MCP51
Just for a single user only?
If I'm not mistaken you can disable logging globally but not for a single user only.
So it in a security sense, monitoring the syslog and auth.log would give some indication if there is someone/something trying to access the system?
CPU:AMD Turion(tm) 64 X2 Mobile Technology TL-52*slot: Socket S1,1600MHz*RAM: DIMM DDR2 667 MHz X 2 1GB*HDISK: Western Digital ATA Disk (320GB)*video: nVidia Geforce Go 6150 clock: 66MHz*wifi: Broadcom Corporation BCM4311
eth0: nVidia MCP51
Yup. even passwordless ssh logins, even cron jobs (I think) are log on those files.
CPU:AMD Turion(tm) 64 X2 Mobile Technology TL-52*slot: Socket S1,1600MHz*RAM: DIMM DDR2 667 MHz X 2 1GB*HDISK: Western Digital ATA Disk (320GB)*video: nVidia Geforce Go 6150 clock: 66MHz*wifi: Broadcom Corporation BCM4311
eth0: nVidia MCP51
--
Jim Kyle in Oklahoma, USA
Linux Counter #259718
Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads
Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.
CPU:AMD Turion(tm) 64 X2 Mobile Technology TL-52*slot: Socket S1,1600MHz*RAM: DIMM DDR2 667 MHz X 2 1GB*HDISK: Western Digital ATA Disk (320GB)*video: nVidia Geforce Go 6150 clock: 66MHz*wifi: Broadcom Corporation BCM4311
eth0: nVidia MCP51
Hi again,
I made a mistake. scp logins do show up in auth.log. Sorry.
Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.
Bookmarks