Hello everyone, this is my first time posting on the FreeBSD forums.
I recently set up my first FreeBSD server at home. I'm using it as a SFTP server. This is my first experience configuring and attempting to harden a Unix server. I guess, due to my inexperience with servers, I was completely astonished when I checked the /var/log/auth.log file and I saw the enormous number of attempted unauthorized connections after just my first day of deployment.
My question to the community is how can I view active ssh connections to my system? I have tried who(1), and it only shows me logged in locally as root even though I am connected via ssh to my user account on a remote machine. I have also tried
Thanks
I recently set up my first FreeBSD server at home. I'm using it as a SFTP server. This is my first experience configuring and attempting to harden a Unix server. I guess, due to my inexperience with servers, I was completely astonished when I checked the /var/log/auth.log file and I saw the enormous number of attempted unauthorized connections after just my first day of deployment.
My question to the community is how can I view active ssh connections to my system? I have tried who(1), and it only shows me logged in locally as root even though I am connected via ssh to my user account on a remote machine. I have also tried
w
and w -a
with similar results (i.e. it doesn't show the remote connection). I have also tried the last
command but I can't seem to glean the desired information from the output as it doesn't show remote connections via ssh. Lastly I have tried zgrep sshd /var/log/auth.log
but it doesn't show me real time connections. Any advice on how to see active ssh connections would be great!Thanks