[mosh-users] Logging from mosh-server

Jim Cheetham jim.cheetham at otago.ac.nz
Wed Dec 18 16:09:10 EST 2013 

Thanks Keith, that's a good start.

I see a use-case difference between the network tick messages, the cases
where users disconnect/change source IP, and when exceptions are
detected; at the moment all of these are going to stderr. Are there any
other classes of message I've missed?

What approach would you like to use to differentiate? The syslog way is
to give each of these cases a different facility.level; and then a
combination of command-line flags to enable logging for that facility,
and syslog configuration to decide where to send them. Of course syslog
is a new dependency, but hopefully a positive one.

The quick hack way would be to just collect stderr, then filter it
through some regexps to discard the items we're not interested in, and
pass the remainder to a log file, or to syslog (perhaps via logger).
Trying to use complicated shell redirections via the mosh command isn't
very successful, the quoting is ... tricky :-)

The simple case here does work, though.
$ ./mosh "--server=mosh-server new -v 2>/tmp/mosh-server.2.log" user at host
although at the far end it is a little redundant in expansion
$ mosh-server new -v new -s -c 8 -l LANG=en_NZ.UTF-8 -l LANGUAGE=en_NZ:en

-jim

Excerpts from Keith Winstein's message of 2013-12-19 06:28:33 +1300:
> In addition, you can add a "-v" flag to the mosh-server command line to get
> extra debugging information. It will log a "Crypto exception" if it gets an
> invalid datagram.
> 
> On Wed, Dec 18, 2013 at 12:02 PM, Quentin Smith <quentin at mit.edu> wrote:
> 
> > On platforms that support updating utmp, yes, the user's IP address is
> > updated whenever the server detects a client IP change. (It's also updated
> > when the server thinks the client is offline.)
> >
> > --Quentin
> >
> >
> > On Wed, 18 Dec 2013, Jim Cheetham wrote:
> >
> >  What sort of logs are available from mosh-server? I'm particularly
> >> interested in being able to detect invalid attempts to talk to the
> >> server (more likely to be DoS than realistic attempts to guess the key),
> >> and also to track when a 'connected' user changed IP address
> >> successfully. Related to this, do we update utmp when a user's IP
> >> address changes, or only when it is initially connected?
> >>
> >> -jim
> >> --
> >> Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
> >> ✉ jim.cheetham at otago.ac.nz       ☏ +64 3 470 4670 ☏ m +64 21 227 0015
> >> ⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605
> >>
> >
> > _______________________________________________
> > mosh-users mailing list
> > mosh-users at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/mosh-users
> >
> >
-- 
Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
✉ jim.cheetham at otago.ac.nz       ☏ +64 3 470 4670 ☏ m +64 21 227 0015
⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/mosh-users/attachments/20131219/0c6a3c7c/attachment.bin

More information about the mosh-users mailing list