ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    How to screen record the session

    Scheduled Pinned Locked Moved IT Discussion
    ffmpegssh
    16 Posts 6 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • EddieJenningsE
      EddieJennings
      last edited by

      Probably overkill for what you're wanting, but I use OBS for screen recording on Fedora.

      1 Reply Last reply Reply Quote 0
      • IRJI
        IRJ
        last edited by

        I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • black3dynamiteB
          black3dynamite
          last edited by black3dynamite

          Using the script command can make typescript of terminal session.

          https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

          https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

          https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

          IRJI 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @mshajithn
            last edited by

            @mshajithn said in How to screen record the session:

            I have installed ffmpeg package, how do I record the ssh session?

            What OS? What is the goal?

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @IRJ
              last edited by

              @IRJ said in How to screen record the session:

              I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

              That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

              For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

              IRJI 1 Reply Last reply Reply Quote 2
              • IRJI
                IRJ @scottalanmiller
                last edited by

                @scottalanmiller said in How to screen record the session:

                @IRJ said in How to screen record the session:

                I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

                That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

                For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

                So you are thinking pulling the history file of each session is the best solution. Maybe you can share that solution on a new post?

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • IRJI
                  IRJ
                  last edited by

                  I might make a cleaner guide for this 🐷
                  https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                  IRJI 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @IRJ
                    last edited by

                    @IRJ said in How to screen record the session:

                    @scottalanmiller said in How to screen record the session:

                    @IRJ said in How to screen record the session:

                    I think what is trying to do is record remote access specifically every time SSH is initiated. Is this what you are looking to do? If so I am really interested in learning a solution as well.

                    That's not a good solution for that. It would produce giant files that would take forever for a human to watch. Totally impractical for security. Video recording of SSH sessions is really only good for training purposes.

                    For security, you want to record the shell session itself in text. Files are miniscule and can be parsed. And you can't blank them out like you can with SSH. With SSH and video, there are lots of ways to hide what is actually being done.

                    So you are thinking pulling the history file of each session is the best solution. Maybe you can share that solution on a new post?

                    Not a history, but that idea. When I worked at [redacted] they were crazy anal about this stuff. They did some recording earlier in the process before the history was touched, extremely hard to work around.

                    1 Reply Last reply Reply Quote 0
                    • IRJI
                      IRJ @IRJ
                      last edited by

                      @IRJ said in How to screen record the session:

                      I might make a cleaner guide for this 🐷
                      https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                      So I tested this and got it working, but I can just delete the file at the end of my session since it is in my home directory. No privilege elevation even needed.

                      scottalanmillerS 1 Reply Last reply Reply Quote 1
                      • scottalanmillerS
                        scottalanmiller @IRJ
                        last edited by

                        @IRJ said in How to screen record the session:

                        @IRJ said in How to screen record the session:

                        I might make a cleaner guide for this 🐷
                        https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility

                        So I tested this and got it working, but I can just delete the file at the end of my session since it is in my home directory. No privilege elevation even needed.

                        Yeah, what we had working was something that automatically recorded it somewhere via a dedicated Jump server that was the only access point to the other machines.

                        1 Reply Last reply Reply Quote 0
                        • IRJI
                          IRJ @black3dynamite
                          last edited by

                          @black3dynamite said in How to screen record the session:

                          Using the script command can make typescript of terminal session.

                          https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                          https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                          https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                          User can easily delete though

                          black3dynamiteB 1 Reply Last reply Reply Quote 0
                          • black3dynamiteB
                            black3dynamite @IRJ
                            last edited by

                            @IRJ said in How to screen record the session:

                            @black3dynamite said in How to screen record the session:

                            Using the script command can make typescript of terminal session.

                            https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                            https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                            https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                            User can easily delete though

                            What about using something like chattr or SELinux to prevent deletion?
                            https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                            IRJI 1 Reply Last reply Reply Quote 0
                            • IRJI
                              IRJ @black3dynamite
                              last edited by

                              @black3dynamite said in How to screen record the session:

                              @IRJ said in How to screen record the session:

                              @black3dynamite said in How to screen record the session:

                              Using the script command can make typescript of terminal session.

                              https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                              https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                              https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                              User can easily delete though

                              What about using something like chattr or SELinux to prevent deletion?
                              https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                              Do you think using auditd would be better?

                              https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-configuring_pam_for_auditing

                              black3dynamiteB 1 Reply Last reply Reply Quote 1
                              • black3dynamiteB
                                black3dynamite @IRJ
                                last edited by

                                @IRJ said in How to screen record the session:

                                @black3dynamite said in How to screen record the session:

                                @IRJ said in How to screen record the session:

                                @black3dynamite said in How to screen record the session:

                                Using the script command can make typescript of terminal session.

                                https://www.tecmint.com/record-and-replay-linux-terminal-session-commands-using-script/

                                https://noise.getoto.net/2016/06/14/how-to-record-ssh-sessions-established-through-a-bastion-host/

                                https://unix.stackexchange.com/questions/25639/how-to-automatically-record-all-your-terminal-sessions-with-script-utility#25725

                                User can easily delete though

                                What about using something like chattr or SELinux to prevent deletion?
                                https://serverfault.com/questions/448891/how-to-prevent-file-owner-from-changing-deleting-their-own-file-linux-centos

                                Do you think using auditd would be better?

                                https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-configuring_pam_for_auditing

                                Looks a lot less complicating to use.

                                1 Reply Last reply Reply Quote 0
                                • 1 / 1
                                • First post
                                  Last post