yubikey-val icon indicating copy to clipboard operation
yubikey-val copied to clipboard

Published 20 hours ago verified publisher icon Yubico

Log level configurable?

Open mig5 opened this issue 10 years ago • 2 comments

Hi,

I find the logging to /var/log/ykval.log (for the Validation server) and /var/log/auth.log (KSM, per the current out-of-the-box config) extremely verbose, and this might expose more info than desired in logs, even in relatively secured servers.

E.G the KSM appears to log 'plaintext' values post-decryption, not sure how sensitive but it raises alarm bells

Is there any way to configure the verbosity level in the config.php files in /etc/yubico/(val or ksm)/* ? I can't seem to find any sample configuration or documentation that states it's possible (without modifying the PHP directly)

Thanks

mig5 avatar Jul 05 '14 11:07 mig5

Typically loglevel would be configured in syslog, using:

local0.info -/var/log/ykval.log

or similar

klali avatar Sep 23 '14 08:09 klali

I would appreciate a configuration option in config.php. Decrease logging into syslog is easy, but modern systems have journald and the service should normally not log that much into journald.

keachi avatar Jan 03 '17 09:01 keachi