Home
Products
     About SSH
     SSH Features
     Screenshots
     Notifications
     Security
     Customers
     Large scale
Download
     WinSSHD
     Tunnelier
     WRC
Purchase
     Reseller list
     Reseller policy
WinSSHD
     History
     Pricing
     License
     Help
          Users' guide
               Starting
          Printable docs
          Usage FAQ
          Securing WinSSHD
          WinSSHD for SFTP
          Accessing shares
Tunnelier
     History
     Pricing
     License
     Portable
     The 'log' utility
     Help
          How the net works
          Port forwarding guide
          Web browsing over SSH
          Tunnel Remote Desktop
          FTP bridge
          Tunnel file shares
          Tunnel WinVNC
          Tunnelier as service
FlowSsh library
     Documentation
Specifications
Company
     Work at Bitvise
     About us
     Contact

Starting WinSSHD and monitoring activity

The WinSSHD service can be started and stopped in the following ways:

  • using the WinSSHD Control Panel;
  • from Administrative Tools > Services;
  • from the Windows command prompt using commands 'net start WinSSHD' and 'net stop WinSSHD';
  • the service can also be stopped remotely using the WinSSHD Remote Control Panel in Tunnelier.

Monitoring

In WinSSHD 5, the WinSSHD Control Panel features a Session tab, which shows SSH sessions currently active on the server.

Since WinSSHD 5.06, the WinSSHD Control Panel also features an Activity tab, which shows a history of recent events on the SSH server, such as logins, disconnects, or file transfers. When the WinSSHD Control Panel is open or minimized, it can also be configured to show pop-up notifications for events that show up in the Activity tab.

The Session and Activity tabs are intended to provide a casual overview of SSH server activity, but not a thorough overview. For a thorough overview or diagnostics, consult WinSSHD log files.

Logging

When WinSSHD is running, its default logging behavior in versions 4 and 5 is as follows:

  • Errors and warnings are logged to the Application section of the Windows Event Log. Many applications write their log messages to this log; to reduce clutter, WinSSHD records no info messages here by default.

    You can investigate the Event log either through Administrative Tools > Event Viewer, or using the WinSSHD Control Panel, by clicking the 'View Windows Event Log...' button.

    If your Application log becomes full, Windows may stop logging new events until the log is cleared or its size restrictions are loosened. You can investigate the maximum size settings of your Application log by selecting it in the Windows Event Viewer and clicking Action > Properties. The log can be cleared either from the Event Viewer or through the WinSSHD Control Panel.

    The Application section of the Windows Event Log can be viewed and managed remotely using Tunnelier.

  • Errors, warnings and informational messages are logged into managed textual log files, created by default in the Logs subdirectory of the directory where WinSSHD resides. These log files are stamped with the date and time of their creation and can be viewed with any text editing software, e.g. Notepad.

The logging level for each of the two destinations (log files or Windows Event Log) can be changed in WinSSHD Settings. For security reasons, we recommend that you log errors and warnings at least. You should inspect the log periodically to make sure that everything is running as expected. For performance reasons, we recommend not setting the log level higher than info, except temporarily for troubleshooting.