I would like to log all the commands that are entered on an ssh client. I can do this successfully, however, I dont want to log user logins and passwords. Is there any way to identify passwords and avoid them? For example, I can look for a string 'password:' and ignore everything until a nl/cr. Is there any other way to identify the password prompt reliably so that I can ignore them?
TIA
Bala
How are you doing this now? Using the script command will cause a log of everything to be saved (commands and their output) to a file but it doesn't show passwords when prompted since echo is turned off by the password utility.
We are logging the interaction between the user and the system using the ssh clients interface. The commands are captured before they are sent to the server. The server must know when to prompt for a password. Given this, are there special characteristics for the password prompt when it is issued by the server or is it completely a function of the client?
balag