# Configure an increase in SSH logging verbosity



## c00kie (Jun 19, 2014)

Hi

I'm trying to log sshd sessions on my filesystem, here's my approach: 

`touch /var/log/sshd.log`

2. edit /etc/syslog.conf adding lines 


```
!sshd *.* 
/var/log/sshd.log
```

`killall -HUP syslogd`

The sshd should now be logging stuff in /var/log/sshd.log 

Over to /etc/ssh/sshd_config

```
SyslogFacility AUTH
LogLevel DEBUG
```

and in /etc/rc.conf

```
syslogd_enable="YES"
```


I reboot the sever, log back in through an SSH tunnel and check /var/log/sshd.log hoping to see my recent login - only it's empty!

What am I missing?


----------



## SirDice (Jun 20, 2014)

It's already being logged in /var/log/auth.log. Note the SyslogFacility and /etc/syslog.conf:

```
auth.info;authpriv.info                         /var/log/auth.log
```


----------



## c00kie (Jun 20, 2014)

SirDice said:
			
		

> It's already being logged


 Ah, I see, well pointed out Sir D. Ta.


----------

