the nullest blog


Cygwin: How to make sshd log to syslog in Cygwin

I recently installed the ssh daemon on Cygwin and it works very well. However, by default it logs to the Windows event log. This annoyed me. By doing some Google/Internet research I found out that this could be “solved” by starting the ssh daemon with the command line flag “-e”, which tells sshd to log all error messages to stderr. Fair enough, the messages turned up in /var/log/sshd.log. But the date wasn’t logged. This annoyed me even more. In fact, I didn’t want to send the log messages to stderr, but I didn’t want them to be directed to the Windows log either.

By doing some more Internet research I found out that the daemon syslog-ng could be installed for Cygwin. I gave it a shot. You’ll find it in the Admin category in the Cygwin setup:

Syslog-ng

Once the setup has finished you can install the syslog-ng daemon by typing:

/usr/bin/syslog-ng-config

and answer yes to all questions (or no if you disagree with something).
Before starting the daemon you might have to edit the file /etc/syslog-ng.conf.
The following configuration file worked for me:

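# Global options
options {
    keep_hostname(yes);
    chain_hostnames(no);
    owner("system");
    group("root");
    perm(0664);
    sync(0);
};

# Messages from local programs (sshd included) and from syslog-ng itself
source applications {
    unix-dgram("/dev/log");
    internal();
};

source kernel {
    file("/dev/kmsg", log_prefix("kernel: "));
};

destination messages {
    file("/var/log/messages");
};

# Dedicated file for sshd
destination sshd { file("/var/log/sshd.log"); };

# Match messages whose program name is sshd
filter f_sshd { program(sshd); };

# sshd messages go to /var/log/sshd.log ...
log { source(applications); filter(f_sshd); destination(sshd); };

# ... and, like everything else from applications, to /var/log/messages
log {
    source(applications);
    destination(messages);
};

log {
    source(kernel);
    destination(messages);
};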
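
With sshd messages now arriving in /var/log/sshd.log with a date and time, the file can be checked for bursts of failed logins. The script below is an added example, not part of the original post; it assumes syslog-ng's default file line layout and OpenSSH's "Failed password" wording, and the function names and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed layout: syslog-ng's default file template,
# "Mon DD HH:MM:SS host sshd[pid]: message". Adjust if you set template().
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[\d+\]:\sFailed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def failed_logins(lines, year):
    """Yield (timestamp, source, user) for each failed-password line."""
    for line in lines:
        m = LINE.match(line)
        if m:
            # Classic syslog timestamps carry no year, so the caller supplies it.
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["src"], m["user"]

def noisy_sources(lines, year, threshold=3, window=timedelta(minutes=5)):
    """Return {source: peak failures in any window} for sources at or over threshold."""
    by_src = defaultdict(list)
    for ts, src, _user in failed_logins(lines, year):
        by_src[src].append(ts)
    flagged = {}
    for src, stamps in by_src.items():
        stamps.sort()
        start = best = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[src] = best
    return flagged

# Constructed sample lines (documentation addresses), not real log data.
SAMPLE = [
    "Mar  3 10:00:01 winbox sshd[1234]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2",
    "Mar  3 10:00:40 winbox sshd[1236]: Failed password for root from 203.0.113.5 port 51240 ssh2",
    "Mar  3 10:02:10 winbox sshd[1240]: Failed password for invalid user test from 203.0.113.5 port 51301 ssh2",
    "Mar  3 10:03:00 winbox sshd[1250]: Failed password for alice from 198.51.100.7 port 40022 ssh2",
    "Mar  3 10:03:05 winbox sshd[1250]: Accepted password for alice from 198.51.100.7 port 40022 ssh2",
    "Mar  3 10:30:00 winbox sshd[1300]: Failed password for root from 203.0.113.5 port 52000 ssh2",
]

if __name__ == "__main__":
    print(noisy_sources(SAMPLE, 2024))
```

To run it against the real file, pass `open("/var/log/sshd.log")` and the current year in place of `SAMPLE` and `2024`.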
