How to enable last login information for SFTP chroot or non-chroot users

In this guide, we are looking into a PAM implementation. By default, SFTP chroots and non-chroot users last login information will not be saved, To get the same we need to configure the PAM.

While the security team look for each and every log from our server it’s system admin responsible to implement the logging system, This guide applies for both RHEL 6 & 7 based operating systems.

Enabling last log information for SFTP users in Red Hat Enterprise Linux and variants.

Step: 1

Before starting with implementing PAM let us verify whether pam module enabled and PAM support enabled in sshd_config using a simple grep.

# grep "pam_lastlog" /etc/pam.d/sshd
# grep "UsePAM" /etc/ssh/sshd_config
sshd pam configuration
Verify SSHD using PAM


Edit and configure the PAM settings to “Yes” in SSHD configuration to start using PAM.

# vi /etc/ssh/sshd_config


Step 3:

Enable by adding in the first line of the session section above the SELinux.

# vi /etc/pam.d/sshd


Add only the first line which contains

session required  # Append with only this line.
session required close
session required


sshd lastlog pam configuration
sshd lastlog pam configuration
Step 4:

Restart the SSHD service and check for the status.

# systemctl restart sshd
# systemctl status sshd


Restart sshd service
Restart sshd service

Finally, the last log will start to log all SFTP chroot user and non-chroot user log-in information under the wtmp file.

# lastlog


Verify lastlog
Verify lastlog


That’s it, We have managed to enable last log information for SFTP Chroot and non-chroot users.


A default configuration which not in place has been implemented using PAM for chroot users in RHEL based operating systems. This will help us to find which user accessing server for SFTP service, Its a key factor for security audit purpose.

Provide your feedback in below comment section we are looking forward to hearing something from you.

Leave a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

We promise not to spam you, and we don't usually send more than one email a week.

You have Successfully Subscribed!