Lateef Taiwo:
Please I want a clarification on the answer to this question.
Search the logs for entries related to the SSH daemon i.e sshd. Find out what IP address last
connected to this daemon successfully.Save that IP in /home/bob/ip.txt file.
The command: sudo journalctl --unit=sshd.service -n 20 --no-pager
displays log entries for the sshd.service.
why do we need to add “-n 20 --no-pager” at the end of the command.
@Aaron Lockhart
Aaron Lockhart:
@Lateef Taiwo: They’re not strictly necessary.
-n 20 limits the output to 20 lines, and limiting it should make it easier to work with.
--no-pager makes sure the output of journalctl doesn’t open in a pager like less so that you don’t have exit it when you’re done looking. The -n 20 option is also helpful here to make sure you don’t have to scroll.
Lateef Taiwo:
Thank you
@Aaron-Lockhart can i use something like cat /var/log/messages | grep ssh for finding the required ip ??
or maybe in /var/log/secure ??