cryptboot-ssh

cryptboot-ssh copied to clipboard

As a system administrator, I want to see when and who retrieves cryptkeys from the cryptserver. As the logging facilities differ much from system to system and from administrator to administrator, a general way of adding logging hooks should be installed.

AC:

• Parameters for logging hooks are defined.
• The keyserver has to possibility to call (all) logging scripts that reside in a hook directory.
• The changes are posix compliant (e.g. do not only work with bash)
• The changes are documented in the README

@459below do you think this approach will be ok? I'm unsure about the parameters (and the general approach).

If I understand this right, we want to have the capability to log to something simple as syslog, but also keep compatibility to embedded Linux systems like Android, yes?

I see how this approach would solve this problem. One could even implement some sort of notification mechanisms as a hook, if they choose to.

This is how output on SimpleSSHD would already show up on the phone.

Yes, this is the general idea. I was planning to implement some notifications to irc as well as mail notifications for key retrievals. Using a hook for syslog would be the most basic example.