ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    How to screen record the session

    Scheduled Pinned Locked Moved IT Discussion
    ffmpegssh
    16 Posts 6 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IRJI
      IRJ
      last edited by

      I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • black3dynamiteB
        black3dynamite
        last edited by black3dynamite

        Using the script command can make typescript of terminal session.

        https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

        https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

        https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

        IRJI 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @mshajithn
          last edited by

          @mshajithn said in How to screen record the session:

          I have installed ffmpeg package, how do I record the ssh session?

          What OS? What is the goal?

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @IRJ
            last edited by

            @IRJ said in How to screen record the session:

            I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

            That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

            For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

            IRJI 1 Reply Last reply Reply Quote 2
            • IRJI
              IRJ @scottalanmiller
              last edited by

              @scottalanmiller said in How to screen record the session:

              @IRJ said in How to screen record the session:

              I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

              That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

              For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

              So you are thinking pulling the history file of each session is the best solution. Maybe you can share that solution on a new post?

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • IRJI
                IRJ
                last edited by

                I might make a cleaner guide for this 🐷
                https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                IRJI 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @IRJ
                  last edited by

                  @IRJ said in How to screen record the session:

                  @scottalanmiller said in How to screen record the session:

                  @IRJ said in How to screen record the session:

                  I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

                  That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

                  For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

                  So you are thinking pulling the history file of each session is the best solution. Maybe you can share that solution on a new post?

                  Not a history, but that idea. When I worked at [redacted] they were crazy anal about this stuff. They did some recording earlier in the process before the history was touched, extremely hard to work around.

                  1 Reply Last reply Reply Quote 0
                  • IRJI
                    IRJ @IRJ
                    last edited by

                    @IRJ said in How to screen record the session:

                    I might make a cleaner guide for this 🐷
                    https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                    So I tested this and got it working, but I can just delete the file at the end of my session since it is in my home directory. No privilege elevation even needed.

                    scottalanmillerS 1 Reply Last reply Reply Quote 1
                    • scottalanmillerS
                      scottalanmiller @IRJ
                      last edited by

                      @IRJ said in How to screen record the session:

                      @IRJ said in How to screen record the session:

                      I might make a cleaner guide for this 🐷
                      https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                      So I tested this and got it working, but I can just delete the file at the end of my session since it is in my home directory. No privilege elevation even needed.

                      Yeah, what we had working was something that automatically recorded it somewhere via a dedicated Jump server that was the only access point to the other machines.

                      1 Reply Last reply Reply Quote 0
                      • IRJI
                        IRJ @black3dynamite
                        last edited by

                        @black3dynamite said in How to screen record the session:

                        Using the script command can make typescript of terminal session.

                        https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                        https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                        https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                        User can easily delete though

                        black3dynamiteB 1 Reply Last reply Reply Quote 0
                        • black3dynamiteB
                          black3dynamite @IRJ
                          last edited by

                          @IRJ said in How to screen record the session:

                          @black3dynamite said in How to screen record the session:

                          Using the script command can make typescript of terminal session.

                          https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                          https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                          https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                          User can easily delete though

                          What about using something like chattr or SELinux to prevent deletion?
                          https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                          IRJI 1 Reply Last reply Reply Quote 0
                          • IRJI
                            IRJ @black3dynamite
                            last edited by

                            @black3dynamite said in How to screen record the session:

                            @IRJ said in How to screen record the session:

                            @black3dynamite said in How to screen record the session:

                            Using the script command can make typescript of terminal session.

                            https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                            https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                            https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                            User can easily delete though

                            What about using something like chattr or SELinux to prevent deletion?
                            https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                            Do you think using auditd would be better?

                            https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-configuring_pam_for_auditing

                            black3dynamiteB 1 Reply Last reply Reply Quote 1
                            • black3dynamiteB
                              black3dynamite @IRJ
                              last edited by

                              @IRJ said in How to screen record the session:

                              @black3dynamite said in How to screen record the session:

                              @IRJ said in How to screen record the session:

                              @black3dynamite said in How to screen record the session:

                              Using the script command can make typescript of terminal session.

                              https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                              https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                              https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                              User can easily delete though

                              What about using something like chattr or SELinux to prevent deletion?
                              https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                              Do you think using auditd would be better?

                              https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-configuring_pam_for_auditing

                              Looks a lot less complicating to use.

                              1 Reply Last reply Reply Quote 0
                              • 1 / 1
                              • First post
                                Last post