How to log connections made via SSH using port forwarding and X11 forwarding

Solution Verified - Updated -


  • Our customer request to change "AllowTcpForwarding" to "yes" for port-forward, but we need to record logs.
  • We need to enable "AllowTcpForwarding" and "X11Forwarding", but also log the authenticated user for audit purposes.


  • Red Hat Enterprise Linux 7.3+
  • openssh-server
  • audit

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In