Is it possible to log and monitor user activities in a SSH session. Is there any configuration or a patch to apply ?. Im currently using OpenSSH with AIX 5.3L
1) Change the users shell to something else like
/bin/myscript (a script that you will write)
2) That script will actually log everything in a text file (in a weird place that he wont be able to guess) and process all the commands from the shell he/she was using earlier
So basically its a wrapper around the shell
3) Stop user to change shells using sudo or other means
Basically this is not a foolproof plan as the user will be able to change the file since he will have the same access rights as the logshell
Edit: I noticed that if I made the change directly to the /etc/passwd line then tried the chsh it always gave me the "Value is invalid" error even if I put in a normal shell like /bin/ksh, so if you made the change manually prior you have to correct it first before using the kosher method...