rapier1/hpn-ssh

Purpose of additional logs at normal log level?

nh2 opened this issue · 5 comments

nh2 commented

When using the patch set as a drop-in for openssh, all SSH connections (e.g. invoked directly via SSH or via rsync) print additional stuff into the terminal:

SSH: Server;Ltype: Version;Remote: 1.2.3.4-22;Protocol: 2.0;Client: OpenSSH_8.2

This is from e.g.

f2341a1#diff-cc9e833353f4432391cb4c8463c0a2beR1357

Is that intended?

Would it make sense to turn it off, so that you can use the patched ssh for scripting without getting additional output printed?

It is not intended. My apologies for that. I thought I had pushed the changes to fix that issue. I will do that shortly and update the tags.

As an aside - this was caused by changes in OpenSSH (specifically moving the key exchange from an sshd function to a generic kex (key exchange) function). When a log command is issued on the client side it is, by default, sent to STDOUT. You can have that redirected to syslog by using the -y option. That said, I had code to determine if the kex was happening on the client side and to squelch the log message. Somehow I lost it (probably forgot to do a push) so I'll need to recreate it.

Okay, all fixed in git. I'll push the changes out to sourceforge soon. Sorry about this oversight.

I also fixed a linking error for gcc10 as an added bonus.

nh2 commented

@rapier1 Thanks, much appreciated!

Is the place in dd8b44b the only one that needs to be handled though?

I found 4 logs that looked like this in the code: nh2@a7fb26a

It should be. If the function 'logit' is called on the client side the default is to send it to STDOUT unless you use -E to append it to a file or -y to send it to syslog. So the change I made is the only place where sending HPN-related information to the syslog could end up being called by the client. There are other locations where OpenSSH might send syslog information on the client side but that's outside of my scope.