Question:What steps are needed to enable Debug3 logging for SSH issues?Answer:
a) As root, run:
cd /etc/centrifydc/ssh
vi sshd_config
Uncomment and change the values from:
#SyslogFacility AUTH
#LogLevel INFO
To:
SyslogFacility AUTH
LogLevel DEBUG3
b) Save the changes
c) Restart Centrify OpenSSHd from the /etc/init.d script
# /etc/init.d/centrify-sshd stop
# /etc/init.d/centrify-sshd start
d) Turn on Centrify debug log and clear past log
# /usr/share/centrifydc/bin/addebug on
# /usr/share/centrifydc/bin/addebug clear
e) Reproduce the issue
f) Revert back the changes made in Step a)
g) Run below to collect Host environment, the output file will be placed under /var/centrify/tmp/adinfo_support.tar.gz
# adinfo -t
h) Turn off Centrify debugging:
# /usr/share/centrifydc/bin/addebug off
i) Log entries are saved to: /var/centrify/tmp/adinfo_support.tar.gz
j) If you are reproducing the issue with an ADuser, provide the adquery and dzinfo output, run the following:
# adquery user -A <ADusername> > /tmp/adquery.txt
# dzinfo <ADusername > /tmp/dzinfo.txt
Please send /var/centrify/tmp/adinfo_support.tar.gz, /tmp/adquery.txt, /tmp/dzinfo.txt
Additional Information
From man pages of sshd_config:
LogLevel
Gives the verbosity level that is used when logging messages from sshd. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. The default is INFO.
DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output.