
Master rsyslog & OpenSSH: Step‑by‑Step Server Logging and Secure Access

This guide walks you through configuring rsyslog for centralized log collection, distinguishing syslog and klog processes, and setting up OpenSSH with host keys and password‑less RSA authentication, including practical command examples and essential rsyslog and SSH options.

Raymond Ops

Log Management

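Traditionally, syslogd (user‑space logs) and klogd (kernel logs) run as separate processes. On the system shown here, only rsyslogd appears in the process list; the search for klogd returns nothing but the grep command itself.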

# ps aux | grep syslogd
root     1194  0.0  0.2 218472 5768 ?   Ssl  16:37   0:00 /usr/sbin/rsyslogd -n
root     1355  0.0  0.0 12108 1088 pts/0 S+   16:48   0:00 grep --color=auto syslogd
# ps aux | grep klogd
root     1362  0.0  0.0 12108 1080 pts/0 S+   16:51   0:00 grep --color=auto klogd

To configure an rsyslog server, clone a VM (full clone) and assign static IPs:

Client (lnh): 192.168.222.250

Server (xbz): 192.168.222.251

Edit /etc/rsyslog.conf on the client to enable remote forwarding, then restart the service:

# systemctl restart rsyslog.service

On the server, uncomment the four lines that enable remote reception, then restart rsyslog and temporarily disable the firewall and SELinux enforcement:

# systemctl restart rsyslog.service
# systemctl stop firewalld.service
# setenforce 0

Verify that the server is listening on port 514/UDP and that logs appear with tail -f /var/log/secure.

[Screenshot: rsyslog configuration]

OpenSSH

Client (lnh) IP: 192.168.222.250, Server (xbz) IP: 192.168.222.251.

Basic SSH connection example:

# ssh root@192.168.222.251
The authenticity of host '192.168.222.251 (192.168.222.251)' can't be established.
ECDSA key fingerprint is SHA256:y11UDaNXs3AnvVUnZQfAim2VHAplF09YOvQp2NemHyk.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.222.251' (ECDSA) to the list of known hosts.
root@192.168.222.251's password:

Host keys are stored in /etc/ssh/ssh_host_*_key* on the server. Example of a public host key entry in ~/.ssh/known_hosts:

192.168.222.251 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKh5FAHxXc6ck4NXY9q32oHHoZrK1+aMTpEo6smApoMbBUfvSd9YxtlRhd9TdPy8qfPwBg6ZdRkEFeRxlIzaSh8=
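
As an added example (not part of the original article), this Python sketch recomputes the SHA256 fingerprint that ssh prints at the first-connection prompt from a known_hosts entry, so it can be compared with a value read on the server console (for instance with ssh-keygen -lf on the host's public key file) before answering yes. The function names are hypothetical, and only plain entries are handled, not hashed hostnames or @marker lines.

```python
import base64
import hashlib
import struct

# known_hosts entry exactly as printed above on this page.
KNOWN_HOSTS_LINE = (
    "192.168.222.251 ecdsa-sha2-nistp256 "
    "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKh5FAHxXc6ck4NXY9q32oHHoZrK1"
    "+aMTpEo6smApoMbBUfvSd9YxtlRhd9TdPy8qfPwBg6ZdRkEFeRxlIzaSh8="
)


def parse_entry(line):
    """Split a plain known_hosts line into (host list, key type, raw key blob)."""
    fields = line.split()
    # "@..." is a marker line, "|1|..." a hashed hostname: not handled here.
    if len(fields) < 3 or fields[0].startswith(("@", "|")):
        raise ValueError("expected: <hosts> <keytype> <base64 key>")
    hosts, key_type, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob is SSH wire format: it begins with a length-prefixed algorithm
    # name, which must agree with the text field in front of it.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len].decode("ascii", "replace") != key_type:
        raise ValueError("key type field does not match key blob")
    return hosts.split(","), key_type, blob


def fingerprint(blob):
    """SHA256 fingerprint in the form ssh prints: unpadded base64 of the digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def host_key_matches(line, trusted_fp):
    """True only if the entry's key hashes to the fingerprint obtained out of band."""
    _, _, blob = parse_entry(line)
    return fingerprint(blob) == trusted_fp.strip()


if __name__ == "__main__":
    hosts, key_type, blob = parse_entry(KNOWN_HOSTS_LINE)
    # Compare this output with the fingerprint read directly on the server.
    print(hosts, key_type, fingerprint(blob))
```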

Generating SSH Key Pairs

On the client:

# ssh-keygen -t rsa
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.

Copy the public key to the server:

# ssh-copy-id root@192.168.222.251
Number of key(s) added: 1

After the key is installed, password‑less login works:

# ssh root@192.168.222.251
Last login: Tue Jul 19 17:05:36 2022 from 192.168.222.1

Repeat the key generation on the server if you also need password‑less access from the server to the client.

Common SCP Options

-r – recursive copy
-p – preserve file attributes
-P – specify remote port
-q – quiet mode
-a – archive mode (equivalent to -rp)
