Logging limit / Auto-cleaning logs / Compress logs

Question

Logging limit / Auto-cleaning logs / Compress logs

unixfox opened this issue 8 years ago · 4 comments

@DeltaEvolution Found an issue with the storage of the logs.
An attacker can make a while loop to output a word and make a huge (size) TTY log or sending lot's of random commands to create a huge (size) log.
I know it's pretty stupid to do this but the attacker can completely fill the hard drive by doing this within a few hours (depends on the storage).
Maybe we could integrate a limit of logging or an auto-cleaning of the useless logs or compressing the huge (size) logs?

Answer 1 · 2016-11-06T20:47:24.000Z

Couldn't you just use logrotate? :)
It would be difficult to know what to filter out of the logs.

They could always download a huge file and you'd have the same disk space issue.

Answer 2 · 2016-11-06T20:53:18.000Z

Thank you for the answer.
~~How do you use logrotate with honSSH ?~~ I found a wiki, if you've a already a configuration I would be happy to have it.

Answer 3 · 2016-11-06T20:56:08.000Z

Sorry, never had the requirement to add it to my installation. Should be fairly straightforward, plenty of examples online.

Answer 4 · 2016-11-06T20:59:14.000Z

Okay, thank you. If I manage to make it work, I'll make a wiki page for this.