0

I have a cron job running that gets a file from a server once a minute with a specific user (UID 999). Since the scp command runs every minute, it quite floods my auth log. Is there a way to disable logging for this specific user in auth.log?

I found this howto http://www.tuxad.de/blog/archives/2014/07/02/disable_ssh_session_logging_for_specific_user/index.html

But entering 

session [success=done default=ignore] pam_succeed_if.so quiet uid eq 999

into /etc/pam.d/common-session doesn't stop the logging of that user's access. Am I doing something wrong here?

user6329530
  • 340
  • 1
    Better solution: use connection caching so that you're not re-authing every time. Google "ssh ControlMaster" – phemmer Jun 18 '18 at 15:34
  • hm it doesn't seem to work. I created a ControlMaster socket as described in https://unix.stackexchange.com/questions/244748/how-to-properly-use-ssh-controlmaster in the .ssh/config for the user doing the connections but it still authenticates once a minute. I see the socket in master-socket/ but it still connects and closes the connection. Does this actually work with scp? – user6329530 Jun 18 '18 at 16:38
  • It works then I run it manually using ssh to that server and as well as the script with the scp in it. With -vv I see it's using the master: "debug1: auto-mux: Trying existing master debug2: fd 3 setting O_NONBLOCK" But when the same script runs in a cron job it does the same debug outbut but still shows up in auth.log on the server... – user6329530 Jun 18 '18 at 16:59
  • 1
    If you want to figure out why it works manually, and not via a cron job, I'd post a question asking specifically about that. Provide details about how the script your cron job is running, what your ssh config looks like, etc. – phemmer Jun 19 '18 at 03:09

0 Answers0