how can i stop and start ssh with debug and write out a log to a specific text file in AIX UNIX

Hello i have got the following request, please assist with it. I believe Tectia is an ssh team.

"TECTIA is requesting the SSH server in the Unix side (AIX SERVER), be stopped
and restarted with DEBUG and have the server write out the log to a
specific text file "logfile.txt" that can be forwrded to them. "

Please assist me with figuring out how i can stop and start ssh with debug and write out a log to a specific text file.
How can i enable and disable debug mode
Who is Participating?
jackiechen858Connect With a Mentor Commented:
what version AIX are you using?

do a  "lslpp -l | grep ssh" , most likely you will see


that means you are using openssh.

do a "lslpp -f openssh.base.server"  , this will list all the files in openssh.base.server package.

you will see :
/etc/rc.d/rc2.d/Ssshd ( the script to start/stop sshd)

/etc/ssh/sshd_config is the file you need to modify.

#SyslogFacility AUTH
#LogLevel INFO
#SyslogFacility AUTH
LogLevel DEBUG

the log file location is controlled by  vi /etc/syslog.conf

add/modify it as :
auth.debug /tmp/logfile.txt

You need to restart sshd.
/etc/rc.d/rc2.d/Ssshd stop
/etc/rc.d/rc2.d/Ssshd start

be sure you are using console or telnet to access the server before you stop sshd.

woolmilkporcConnect With a Mentor Commented:
You should not forget to create the logfile if it doesn't exist yet and to restart syslogd if you made configuration changes.

- create the logfile, if you configured a new one: touch /tmp/logfile.txt
- restart syslogd: refresh -s syslogd

If you don't want to change sshd_config permanently do the suggested changes/additions to /etc/syslog.conf, then

- stop sshd: stopsrc -s sshd
-- no need to use telnet for this. Existing ssh sessions will not be affected.
- start sshd with the new option: startsrc -s sshd -a "-o loglevel=debug"

If logging is no longer needed just stop sshd and start it without the loglevel option:

stopsrc -s sshd
startsrc -s sshd

assistunixAuthor Commented:
Thank you for that.
Can you tell me what output following commands put in logfile.txt /usr/sbin/sshd -d -d -d 2> logfile.txt

Is this command /usr/sbin/sshd -d -d -d 2> logfile.txt
equivalent to your process of stopping and starting ssh with DEBUG
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Not quite equivalent!

Your command will indeed force sshd to write debug messages to the system log (the more "-d" flags the more detail in the output.)
This means that you will have to configure syslog anyway regardless of the method used.

"logfile.txt" in your example will only contain startup and termination messages, not the full debugging output, which goes, as stated, to syslog.

But attention: When started with "-d" sshd will not go into background automatically, it will not fork, so only one single connection is accepted, and sshd will terminate when this connection ends.

So the "-d" feature is only meant for a one-time debugging run. For longer-term recording of debugging messages and for debugging of multiple (maybe parallel) sessions you should use the "option loglevel" method instead of the "-d flag" method.

assistunixAuthor Commented:
Thank you for that. One more "dumb" question about this topic.
can you tell me what debug is , i tried searching for it on the net, it seems as if debuging is to troubleshoot a problem by viewing it's error. But i would really appreciate if you can give me a straight to the point explanation of debug.

Thank you once again.
A "bug" is how we call a defect in hardware, the OS, application software or in a configuration which commonly would lead to a malfunction some way.

"Debugging" thus means finding and eliminating such an error, making the concerned component work again.

So "debug log / debug message" is a bit wrong, it's the short form for "a message or a logfile entry which could help us in debugging (i.e. finding a hardware/software/configuration error)".

"Bug" itself traces back to very early engineering speech, and there is also a nice story -

(quoting, see below):

In 1946, when Hopper was released from active duty, she joined the Harvard Faculty at the Computation Laboratory where she continued her work on the Mark II and Mark III. Operators traced an error in the Mark II to a moth trapped in a relay, coining the term bug. This bug was carefully removed and taped to the log book. Stemming from the first bug, today we call errors or glitch's [sic] in a program a bug.

Find the above quote and more info in Wikipedia:

assistunixAuthor Commented:
Interesting story. Thank you.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.