# Turn OFF Debug Logging for keepalive@openssh.com



## gmmarcus (Oct 24, 2022)

Guys,

I have a freebsd 12 box  and the message

'debug1: client_input_channel_req: channel 0 rtype keepalive@openssh.com reply 1 '

appears too often  when we are working in the console.

From the post at https://forums.freebsd.org/threads/...-0-rtype-keepalive-openssh-com-reply-1.62319/

I understand that we have to turn of debug logging for keepalive but I dont know which file to edit.

Pls advise.

Thanks.
GMMarcus
FreeBSD Noob


----------



## Alain De Vos (Oct 24, 2022)

Decrease LogLevel in
/etc/usr/local/ssh/sshd_config ?


----------



## gmmarcus (Oct 24, 2022)

Hi, contents of sshd_config are as follows;

```
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Port 2201
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
Compression delayed
ClientAliveInterval 30
PermitRootLogin yes

# Login via Key or Password

ChallengeResponseAuthentication yes
PasswordAuthentication yes
PubkeyAuthentication yes
UseDNS no
LoginGraceTime 30s
VersionAddendum none
AllowAgentForwarding no
X11Forwarding no
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

# override default of no subsystems

Subsystem       sftp    /usr/libexec/sftp-server
```

I don't see anything that directly refers to 'Debug / Logging'.

Or is there a separate config for keep-alive ?


----------



## SirDice (Oct 24, 2022)

What's in /etc/syslog.conf? Anything custom in /etc/syslog.d/ perhaps?


----------



## gmmarcus (Oct 25, 2022)

SirDice said:


> What's in /etc/syslog.conf?


Hi,

Contents of /etc/syslog.conf as below;


```
# Automatically generated, do not edit!
# Place configuration files in /var/etc/syslog.d
!*
include                                         /var/etc/syslog.d
```

I should mention this is a pfSense box on top of FreeBSD and I am looking into the internals and hence these questions.



SirDice said:


> Anything custom in /etc/syslog.d/ perhaps?



Going into /var/etc/syslog.d, we have pfsense.conf WHICH DOES HAVE loggging related info as below;


```
# Automatically generated, do not edit!
!*
auth.*;authpriv.*                         /var/log/auth.log
!radvd,routed,zebra,ospfd,ospf6d,bgpd,watchfrr,miniupnpd,igmpproxy
*.*                                /var/log/routing.log
!ntp,ntpd,ntpdate
*.*                                /var/log/ntpd.log
!ppp
*.*                                /var/log/ppp.log
!poes
*.*                                /var/log/poes.log
!l2tps
*.*                                /var/log/l2tps.log
!charon,ipsec_starter
*.*                                /var/log/ipsec.log
!openvpn
*.*                                /var/log/openvpn.log
!dpinger
*.*                                /var/log/gateways.log
!dnsmasq,named,filterdns,unbound
*.*                                /var/log/resolver.log
!dhcpd,dhcrelay,dhclient,dhcp6c,dhcpleases,dhcpleases6
*.*                                /var/log/dhcpd.log
!hostapd
*.*                                 /var/log/wireless.log
!filterlog
*.*                                 /var/log/filter.log
!logportalauth
*.*                                 /var/log/portalauth.log
!-ntp,ntpd,ntpdate,charon,ipsec_starter,openvpn,poes,l2tps,hostapd,dnsmasq,named,filterdns,unbound,dhcpd,dhcrelay,dhclient,dhcp6c,dpinger,radvd,routed,zebra,ospfd,ospf6d,bgpd,watchfrr,miniupnpd,igmpproxy,filterlog
local3.*                            /var/log/vpn.log
local5.*                            /var/log/nginx.log
*.notice;kern.debug;lpr.info;mail.crit;daemon.none;news.err;local0.none;local3.none;local4.none;local7.none;security.*;auth.info;authpriv.info;daemon.info    /var/log/system.log
auth.info;authpriv.info                     |exec /usr/local/sbin/sshguard -i /var/run/sshguard.pid
*.emerg                                *
```


Anything there to turn off Debug Logging ?


----------



## SirDice (Oct 25, 2022)

gmmarcus said:


> I should mention this is a pfsense box on top of freebsd


pfSense doesn't run "on top" of FreeBSD. 

GhostBSD, pfSense, TrueNAS, and all other FreeBSD Derivatives


----------



## gmmarcus (Oct 25, 2022)

Noted.


----------

