mirror of
https://git.sr.ht/~hamburghammer/sshlog
synced 2025-01-10 14:17:41 +01:00
Compare commits
4 commits
4fea62262f
...
b345d17602
Author | SHA1 | Date | |
---|---|---|---|
b345d17602 | |||
abdaa65cfa | |||
c4f38cd7e1 | |||
279b3fa159 |
3 changed files with 60 additions and 0 deletions
|
@ -41,3 +41,7 @@ FLAGS:
|
|||
-4, --onlyIPv4 Only listens on IPv4.
|
||||
-p, --port string Port to listen for incoming connections. (default "22"))
|
||||
```
|
||||
|
||||
# Utils
|
||||
Inside the `util` directory you might find some additional information like how to create Systemd service for sshlog.
|
||||
|
||||
|
|
15
util/README.md
Normal file
15
util/README.md
Normal file
|
@ -0,0 +1,15 @@
|
|||
# Utility
|
||||
A collection of scripts and useful configurations.
|
||||
|
||||
## Systemd
|
||||
You can use the example `sshlog.service` to run `sshlog` as a service under Systemd.
|
||||
|
||||
Copy the `sshlog.service` into `/etc/systemd/system/sshlog.service` and change the `ExecStart` value to point to the `sshlog` executable.
|
||||
If you installed it with `go install` it will be propably located inside your `$GOPATH/bin` directory. Use the full path as
|
||||
value for the `ExecStart` parameter. This is also the location if you wannt to give it some arguments like `-p 2222` for the listening port.
|
||||
|
||||
After saving the configuration under `/etc/systemd/system/sshlog.service` it can be started with `systemctl start sshlog.service` and
|
||||
enabled to run on system boot with `systemctl enable sshlog.service`
|
||||
|
||||
While running it with Systemd all logs can be accesst with `journalctl -u sshlog.service`.
|
||||
|
41
util/sshlog.service
Normal file
41
util/sshlog.service
Normal file
|
@ -0,0 +1,41 @@
|
|||
[Unit]
|
||||
Description=SSH Auth Logging
|
||||
Requires=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=30sec
|
||||
# Path to the executable
|
||||
ExecStart=/home/user/go/bin/sshlog -p 2222
|
||||
KillSignal=SIGTERM
|
||||
|
||||
# Stop trying to restart the service if it restarts too many times in a row
|
||||
StartLimitInterval=5min
|
||||
StartLimitBurst=4
|
||||
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
StandardInput=null
|
||||
|
||||
DynamicUser=yes
|
||||
|
||||
PrivateTmp=true
|
||||
PrivateDevices=true
|
||||
PrivateMounts=true
|
||||
ProtectSystem=full
|
||||
#ProtectHome=true
|
||||
RestrictNamespaces=true
|
||||
InaccessiblePaths=/run /var /etc
|
||||
|
||||
PrivateUsers=true
|
||||
|
||||
NoNewPrivileges=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectKernelModules=true
|
||||
ProtectKernelLogs=true
|
||||
ProtectControlGroups=true
|
||||
MemoryDenyWriteExecute=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in a new issue