Compare commits

..

No commits in common. "b345d176026a7811bfa8bea17ea4e10261d2f6c2" and "4fea62262fa2f4e136e80753a5e8829849667a63" have entirely different histories.

3 changed files with 0 additions and 60 deletions

View file

@ -41,7 +41,3 @@ FLAGS:
-4, --onlyIPv4 Only listens on IPv4.
-p, --port string Port to listen for incoming connections. (default "22"))
```
# Utils
Inside the `util` directory you might find some additional information like how to create Systemd service for sshlog.

View file

@ -1,15 +0,0 @@
# Utility
A collection of scripts and useful configurations.
## Systemd
You can use the example `sshlog.service` to run `sshlog` as a service under Systemd.
Copy the `sshlog.service` into `/etc/systemd/system/sshlog.service` and change the `ExecStart` value to point to the `sshlog` executable.
If you installed it with `go install` it will be propably located inside your `$GOPATH/bin` directory. Use the full path as
value for the `ExecStart` parameter. This is also the location if you wannt to give it some arguments like `-p 2222` for the listening port.
After saving the configuration under `/etc/systemd/system/sshlog.service` it can be started with `systemctl start sshlog.service` and
enabled to run on system boot with `systemctl enable sshlog.service`
While running it with Systemd all logs can be accesst with `journalctl -u sshlog.service`.

View file

@ -1,41 +0,0 @@
[Unit]
Description=SSH Auth Logging
Requires=network-online.target
[Service]
Type=simple
Restart=always
RestartSec=30sec
# Path to the executable
ExecStart=/home/user/go/bin/sshlog -p 2222
KillSignal=SIGTERM
# Stop trying to restart the service if it restarts too many times in a row
StartLimitInterval=5min
StartLimitBurst=4
StandardOutput=journal
StandardError=journal
StandardInput=null
DynamicUser=yes
PrivateTmp=true
PrivateDevices=true
PrivateMounts=true
ProtectSystem=full
#ProtectHome=true
RestrictNamespaces=true
InaccessiblePaths=/run /var /etc
PrivateUsers=true
NoNewPrivileges=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
MemoryDenyWriteExecute=true
[Install]
WantedBy=multi-user.target