mirror of
https://git.sr.ht/~hamburghammer/sshlog
synced 2024-12-23 13:37:41 +01:00
Compare commits
No commits in common. "b345d176026a7811bfa8bea17ea4e10261d2f6c2" and "4fea62262fa2f4e136e80753a5e8829849667a63" have entirely different histories.
b345d17602
...
4fea62262f
3 changed files with 0 additions and 60 deletions
|
@ -41,7 +41,3 @@ FLAGS:
|
|||
-4, --onlyIPv4 Only listens on IPv4.
|
||||
-p, --port string Port to listen for incoming connections. (default "22"))
|
||||
```
|
||||
|
||||
# Utils
|
||||
Inside the `util` directory you might find some additional information like how to create Systemd service for sshlog.
|
||||
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
# Utility
|
||||
A collection of scripts and useful configurations.
|
||||
|
||||
## Systemd
|
||||
You can use the example `sshlog.service` to run `sshlog` as a service under Systemd.
|
||||
|
||||
Copy the `sshlog.service` into `/etc/systemd/system/sshlog.service` and change the `ExecStart` value to point to the `sshlog` executable.
|
||||
If you installed it with `go install` it will be propably located inside your `$GOPATH/bin` directory. Use the full path as
|
||||
value for the `ExecStart` parameter. This is also the location if you wannt to give it some arguments like `-p 2222` for the listening port.
|
||||
|
||||
After saving the configuration under `/etc/systemd/system/sshlog.service` it can be started with `systemctl start sshlog.service` and
|
||||
enabled to run on system boot with `systemctl enable sshlog.service`
|
||||
|
||||
While running it with Systemd all logs can be accesst with `journalctl -u sshlog.service`.
|
||||
|
|
@ -1,41 +0,0 @@
|
|||
[Unit]
|
||||
Description=SSH Auth Logging
|
||||
Requires=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=30sec
|
||||
# Path to the executable
|
||||
ExecStart=/home/user/go/bin/sshlog -p 2222
|
||||
KillSignal=SIGTERM
|
||||
|
||||
# Stop trying to restart the service if it restarts too many times in a row
|
||||
StartLimitInterval=5min
|
||||
StartLimitBurst=4
|
||||
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
StandardInput=null
|
||||
|
||||
DynamicUser=yes
|
||||
|
||||
PrivateTmp=true
|
||||
PrivateDevices=true
|
||||
PrivateMounts=true
|
||||
ProtectSystem=full
|
||||
#ProtectHome=true
|
||||
RestrictNamespaces=true
|
||||
InaccessiblePaths=/run /var /etc
|
||||
|
||||
PrivateUsers=true
|
||||
|
||||
NoNewPrivileges=true
|
||||
ProtectKernelTunables=true
|
||||
ProtectKernelModules=true
|
||||
ProtectKernelLogs=true
|
||||
ProtectControlGroups=true
|
||||
MemoryDenyWriteExecute=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in a new issue