Your browser does not allow storing cookies. We recommend enabling them.

SSH

Auditing

Tectia Server logs events in the syslog on Unix and in the Windows Event Log on Windows. Logging (auditing) is very important for security. You should check your logs often, or use tools to analyze them. From the logs, you can see, for example, whether unauthorized access has been attempted, and take further action if needed. For example, you could set the hosts from which the attempts have been made as denied, or drop the packets from the domain completely at your firewall. The logs also provide troubleshooting information.

The log events are classified in seven levels, in decreasing order of importance:

Security failure (Windows only)

A user tried to log on but failed.

Security success (Windows only)

A user logged successfully on.

Critical (Unix only)

A critical problem has occurred. By default, this is not used by Tectia Server.

Error

A serious problem has occurred, preventing the intended operation from completing successfully.

Warning

A problem has occurred, but the operation can continue.

Notice (Unix only)

An action has been done.

Informational

Extra troubleshooting information.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more