Improve session logging

lixmal · lixmal · commit e6854dfd9955 · 2025-10-28T17:57:59.000+01:00
diff --git a/client/ssh/server/command_execution.go b/client/ssh/server/command_execution.go
@@ -14,15 +14,14 @@ import (
 
 // handleCommand executes an SSH command with privilege validation
 func (s *Server) handleCommand(logger *log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, winCh <-chan ssh.Window) {
-	localUser := privilegeResult.User
 	hasPty := winCh != nil
 
 	commandType := "command"
 	if hasPty {
 		commandType = "Pty command"
 	}
 
-	logger.Infof("executing %s for %s from %s: %s", commandType, localUser.Username, session.RemoteAddr(), safeLogCommand(session.Command()))
+	logger.Infof("executing %s: %s", commandType, safeLogCommand(session.Command()))
 
 	execCmd, err := s.createCommand(privilegeResult, session, hasPty)
 	if err != nil {
@@ -38,7 +37,7 @@ func (s *Server) handleCommand(logger *log.Entry, session ssh.Session, privilege
 			logger.Debugf(errWriteSession, writeErr)
 		}
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return
 	}
@@ -74,7 +73,7 @@ func (s *Server) executeCommand(logger *log.Entry, session ssh.Session, execCmd
 	if err != nil {
 		logger.Errorf("create stdin pipe: %v", err)
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return false
 	}
@@ -93,7 +92,7 @@ func (s *Server) executeCommand(logger *log.Entry, session ssh.Session, execCmd
 		logger.Errorf("command start failed: %v", err)
 		// no user message for exec failure, just exit
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return false
 	}
@@ -135,7 +134,7 @@ func (s *Server) waitForCommandCleanup(logger *log.Entry, session ssh.Session, e
 		}
 
 		if err := session.Exit(130); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return false
 
@@ -160,20 +159,20 @@ func (s *Server) handleCommandCompletion(logger *log.Entry, session ssh.Session,
 func (s *Server) handleSessionExit(session ssh.Session, err error, logger *log.Entry) {
 	if err == nil {
 		if err := session.Exit(0); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return
 	}
 
 	var exitError *exec.ExitError
 	if errors.As(err, &exitError) {
 		if err := session.Exit(exitError.ExitCode()); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 	} else {
 		logger.Debugf("non-exit error in command execution: %v", err)
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 	}
 }
diff --git a/client/ssh/server/command_execution_unix.go b/client/ssh/server/command_execution_unix.go
@@ -99,8 +99,7 @@ func (pm *ptyManager) File() *os.File {
 
 func (s *Server) handlePty(logger *log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, ptyReq ssh.Pty, winCh <-chan ssh.Window) bool {
 	cmd := session.Command()
-	localUser := privilegeResult.User
-	logger.Infof("executing Pty command for %s from %s: %s", localUser.Username, session.RemoteAddr(), safeLogCommand(cmd))
+	logger.Infof("executing Pty command: %s", safeLogCommand(cmd))
 
 	execCmd, err := s.createPtyCommand(privilegeResult, ptyReq, session)
 	if err != nil {
@@ -110,7 +109,7 @@ func (s *Server) handlePty(logger *log.Entry, session ssh.Session, privilegeResu
 			logger.Debugf(errWriteSession, writeErr)
 		}
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return false
 	}
@@ -119,7 +118,7 @@ func (s *Server) handlePty(logger *log.Entry, session ssh.Session, privilegeResu
 	if err != nil {
 		logger.Errorf("Pty start failed: %v", err)
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return false
 	}
@@ -178,18 +177,22 @@ func (s *Server) handlePtyIO(logger *log.Entry, session ssh.Session, ptyMgr *pty
 
 	go func() {
 		if _, err := io.Copy(ptmx, session); err != nil {
-			logger.Debugf("Pty input copy error: %v", err)
+			if !errors.Is(err, io.EOF) && !errors.Is(err, syscall.EIO) {
+				logger.Warnf("Pty input copy error: %v", err)
+			}
 		}
 	}()
 
 	go func() {
 		defer func() {
-			if err := session.Close(); err != nil {
+			if err := session.Close(); err != nil && !errors.Is(err, io.EOF) {
 				logger.Debugf("session close error: %v", err)
 			}
 		}()
 		if _, err := io.Copy(session, ptmx); err != nil {
-			logger.Debugf("Pty output copy error: %v", err)
+			if !errors.Is(err, io.EOF) && !errors.Is(err, syscall.EIO) {
+				logger.Warnf("Pty output copy error: %v", err)
+			}
 		}
 	}()
 }
@@ -229,7 +232,7 @@ func (s *Server) handlePtySessionCancellation(logger *log.Entry, session ssh.Ses
 	}
 
 	if err := session.Exit(130); err != nil {
-		logger.Debugf(errExitSession, err)
+		logSessionExitError(logger, err)
 	}
 }
 
@@ -243,7 +246,7 @@ func (s *Server) handlePtyCommandCompletion(logger *log.Entry, session ssh.Sessi
 	// Normal completion
 	logger.Debugf("Pty command completed successfully")
 	if err := session.Exit(0); err != nil {
-		logger.Debugf(errExitSession, err)
+		logSessionExitError(logger, err)
 	}
 }
 
diff --git a/client/ssh/server/command_execution_windows.go b/client/ssh/server/command_execution_windows.go
@@ -266,9 +266,8 @@ func (s *Server) prepareCommandEnv(localUser *user.User, session ssh.Session) []
 }
 
 func (s *Server) handlePty(logger *log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, ptyReq ssh.Pty, winCh <-chan ssh.Window) bool {
-	localUser := privilegeResult.User
 	cmd := session.Command()
-	logger.Infof("executing Pty command for %s from %s: %s", localUser.Username, session.RemoteAddr(), safeLogCommand(cmd))
+	logger.Infof("executing Pty command: %s", safeLogCommand(cmd))
 
 	// Always use user switching on Windows - no direct execution
 	s.handlePtyWithUserSwitching(logger, session, privilegeResult, ptyReq, winCh, cmd)
@@ -317,7 +316,7 @@ func (s *Server) handlePtyWithUserSwitching(logger *log.Entry, session ssh.Sessi
 			logger.Debugf(errWriteSession, writeErr)
 		}
 		if err := session.Exit(1); err != nil {
-			logger.Debugf(errExitSession, err)
+			logSessionExitError(logger, err)
 		}
 		return
 	}
diff --git a/client/ssh/server/server.go b/client/ssh/server/server.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io"
 	"net"
 	"net/netip"
 	"strings"
@@ -80,10 +81,17 @@ func (e *UserNotFoundError) Unwrap() error {
 	return e.Cause
 }
 
+// logSessionExitError logs session exit errors, ignoring EOF (normal close) errors
+func logSessionExitError(logger *log.Entry, err error) {
+	if err != nil && !errors.Is(err, io.EOF) {
+		logger.Warnf(errExitSession, err)
+	}
+}
+
 // safeLogCommand returns a safe representation of the command for logging
 func safeLogCommand(cmd []string) string {
 	if len(cmd) == 0 {
-		return "<empty>"
+		return "<interactive shell>"
 	}
 	if len(cmd) == 1 {
 		return cmd[0]
@@ -623,19 +631,19 @@ func (s *Server) directTCPIPHandler(srv *ssh.Server, conn *cryptossh.ServerConn,
 	s.mu.RUnlock()
 
 	if !allowLocal {
-		log.Debugf("direct-tcpip rejected: local port forwarding disabled")
+		log.Warnf("local port forwarding denied for %s:%d: disabled by configuration", payload.Host, payload.Port)
 		_ = newChan.Reject(cryptossh.Prohibited, "local port forwarding disabled")
 		return
 	}
 
 	// Check privilege requirements for the destination port
 	if err := s.checkPortForwardingPrivileges(ctx, "local", payload.Port); err != nil {
-		log.Infof("direct-tcpip denied: %v", err)
+		log.Warnf("local port forwarding denied for %s:%d: %v", payload.Host, payload.Port, err)
 		_ = newChan.Reject(cryptossh.Prohibited, "insufficient privileges")
 		return
 	}
 
-	log.Debugf("direct-tcpip request: %s:%d", payload.Host, payload.Port)
+	log.Infof("local port forwarding: %s:%d", payload.Host, payload.Port)
 
 	ssh.DirectTCPIPHandler(srv, conn, newChan, ctx)
 }
diff --git a/client/ssh/server/session_handlers.go b/client/ssh/server/session_handlers.go
@@ -16,22 +16,19 @@ import (
 // sessionHandler handles SSH sessions
 func (s *Server) sessionHandler(session ssh.Session) {
 	sessionKey := s.registerSession(session)
+	logger := log.WithField("session", sessionKey)
+	logger.Infof("SSH session started")
 	sessionStart := time.Now()
 
-	logger := log.WithField("session", sessionKey)
 	defer s.unregisterSession(sessionKey, session)
 	defer func() {
-		duration := time.Since(sessionStart)
-		if err := session.Close(); err != nil {
-			logger.Debugf("close session after %v: %v", duration, err)
-			return
+		duration := time.Since(sessionStart).Round(time.Millisecond)
+		if err := session.Close(); err != nil && !errors.Is(err, io.EOF) {
+			logger.Warnf("close session after %v: %v", duration, err)
 		}
-
-		logger.Debugf("session closed after %v", duration)
+		logger.Infof("SSH session closed after %v", duration)
 	}()
 
-	logger.Infof("establishing SSH session for %s from %s", session.User(), session.RemoteAddr())
-
 	privilegeResult, err := s.userPrivilegeCheck(session.User())
 	if err != nil {
 		s.handlePrivError(logger, session, err)
@@ -61,7 +58,7 @@ func (s *Server) rejectInvalidSession(logger *log.Entry, session ssh.Session) {
 		logger.Debugf(errWriteSession, err)
 	}
 	if err := session.Exit(1); err != nil {
-		logger.Debugf(errExitSession, err)
+		logSessionExitError(logger, err)
 	}
 	logger.Infof("rejected non-Pty session without command from %s", session.RemoteAddr())
 }
@@ -86,7 +83,6 @@ func (s *Server) registerSession(session ssh.Session) SessionKey {
 	s.sessions[sessionKey] = session
 	s.mu.Unlock()
 
-	log.WithField("session", sessionKey).Debugf("registered SSH session")
 	return sessionKey
 }
 
@@ -111,7 +107,6 @@ func (s *Server) unregisterSession(sessionKey SessionKey, _ ssh.Session) {
 	}
 
 	s.mu.Unlock()
-	log.WithField("session", sessionKey).Debugf("unregistered SSH session")
 }
 
 func (s *Server) handlePrivError(logger *log.Entry, session ssh.Session, err error) {
@@ -123,7 +118,7 @@ func (s *Server) handlePrivError(logger *log.Entry, session ssh.Session, err err
 		logger.Debugf(errWriteSession, writeErr)
 	}
 	if exitErr := session.Exit(1); exitErr != nil {
-		logger.Debugf(errExitSession, exitErr)
+		logSessionExitError(logger, exitErr)
 	}
 }
 
diff --git a/client/ssh/server/session_handlers_js.go b/client/ssh/server/session_handlers_js.go
@@ -16,7 +16,7 @@ func (s *Server) handlePty(logger *log.Entry, session ssh.Session, _ PrivilegeCh
 		logger.Debugf(errWriteSession, err)
 	}
 	if err := session.Exit(1); err != nil {
-		logger.Debugf(errExitSession, err)
+		logSessionExitError(logger, err)
 	}
 	return false
 }

Original file line number	Diff line number	Diff line change
`@@ -14,15 +14,14 @@ import (`
`14`	`14`
`15`	`15`	`// handleCommand executes an SSH command with privilege validation`
`16`	`16`	`func (s Server) handleCommand(logger log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, winCh <-chan ssh.Window) {`
`17`		`- localUser := privilegeResult.User`
`18`	`17`	`hasPty := winCh != nil`
`19`	`18`
`20`	`19`	`commandType := "command"`
`21`	`20`	`if hasPty {`
`22`	`21`	`commandType = "Pty command"`
`23`	`22`	`}`
`24`	`23`
`25`		`- logger.Infof("executing %s for %s from %s: %s", commandType, localUser.Username, session.RemoteAddr(), safeLogCommand(session.Command()))`
	`24`	`+ logger.Infof("executing %s: %s", commandType, safeLogCommand(session.Command()))`
`26`	`25`
`27`	`26`	`execCmd, err := s.createCommand(privilegeResult, session, hasPty)`
`28`	`27`	`if err != nil {`
`@@ -38,7 +37,7 @@ func (s Server) handleCommand(logger log.Entry, session ssh.Session, privilege`
`38`	`37`	`logger.Debugf(errWriteSession, writeErr)`
`39`	`38`	`}`
`40`	`39`	`if err := session.Exit(1); err != nil {`
`41`		`- logger.Debugf(errExitSession, err)`
	`40`	`+ logSessionExitError(logger, err)`
`42`	`41`	`}`
`43`	`42`	`return`
`44`	`43`	`}`
`@@ -74,7 +73,7 @@ func (s Server) executeCommand(logger log.Entry, session ssh.Session, execCmd`
`74`	`73`	`if err != nil {`
`75`	`74`	`logger.Errorf("create stdin pipe: %v", err)`
`76`	`75`	`if err := session.Exit(1); err != nil {`
`77`		`- logger.Debugf(errExitSession, err)`
	`76`	`+ logSessionExitError(logger, err)`
`78`	`77`	`}`
`79`	`78`	`return false`
`80`	`79`	`}`
`@@ -93,7 +92,7 @@ func (s Server) executeCommand(logger log.Entry, session ssh.Session, execCmd`
`93`	`92`	`logger.Errorf("command start failed: %v", err)`
`94`	`93`	`// no user message for exec failure, just exit`
`95`	`94`	`if err := session.Exit(1); err != nil {`
`96`		`- logger.Debugf(errExitSession, err)`
	`95`	`+ logSessionExitError(logger, err)`
`97`	`96`	`}`
`98`	`97`	`return false`
`99`	`98`	`}`
`@@ -135,7 +134,7 @@ func (s Server) waitForCommandCleanup(logger log.Entry, session ssh.Session, e`
`135`	`134`	`}`
`136`	`135`
`137`	`136`	`if err := session.Exit(130); err != nil {`
`138`		`- logger.Debugf(errExitSession, err)`
	`137`	`+ logSessionExitError(logger, err)`
`139`	`138`	`}`
`140`	`139`	`return false`
`141`	`140`
`@@ -160,20 +159,20 @@ func (s Server) handleCommandCompletion(logger log.Entry, session ssh.Session,`
`160`	`159`	`func (s Server) handleSessionExit(session ssh.Session, err error, logger log.Entry) {`
`161`	`160`	`if err == nil {`
`162`	`161`	`if err := session.Exit(0); err != nil {`
`163`		`- logger.Debugf(errExitSession, err)`
	`162`	`+ logSessionExitError(logger, err)`
`164`	`163`	`}`
`165`	`164`	`return`
`166`	`165`	`}`
`167`	`166`
`168`	`167`	`var exitError *exec.ExitError`
`169`	`168`	`if errors.As(err, &exitError) {`
`170`	`169`	`if err := session.Exit(exitError.ExitCode()); err != nil {`
`171`		`- logger.Debugf(errExitSession, err)`
	`170`	`+ logSessionExitError(logger, err)`
`172`	`171`	`}`
`173`	`172`	`} else {`
`174`	`173`	`logger.Debugf("non-exit error in command execution: %v", err)`
`175`	`174`	`if err := session.Exit(1); err != nil {`
`176`		`- logger.Debugf(errExitSession, err)`
	`175`	`+ logSessionExitError(logger, err)`
`177`	`176`	`}`
`178`	`177`	`}`
`179`	`178`	`}`
Original file line number	Diff line number	Diff line change
`@@ -99,8 +99,7 @@ func (pm ptyManager) File() os.File {`
`99`	`99`
`100`	`100`	`func (s Server) handlePty(logger log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, ptyReq ssh.Pty, winCh <-chan ssh.Window) bool {`
`101`	`101`	`cmd := session.Command()`
`102`		`- localUser := privilegeResult.User`
`103`		`- logger.Infof("executing Pty command for %s from %s: %s", localUser.Username, session.RemoteAddr(), safeLogCommand(cmd))`
	`102`	`+ logger.Infof("executing Pty command: %s", safeLogCommand(cmd))`
`104`	`103`
`105`	`104`	`execCmd, err := s.createPtyCommand(privilegeResult, ptyReq, session)`
`106`	`105`	`if err != nil {`
`@@ -110,7 +109,7 @@ func (s Server) handlePty(logger log.Entry, session ssh.Session, privilegeResu`
`110`	`109`	`logger.Debugf(errWriteSession, writeErr)`
`111`	`110`	`}`
`112`	`111`	`if err := session.Exit(1); err != nil {`
`113`		`- logger.Debugf(errExitSession, err)`
	`112`	`+ logSessionExitError(logger, err)`
`114`	`113`	`}`
`115`	`114`	`return false`
`116`	`115`	`}`
`@@ -119,7 +118,7 @@ func (s Server) handlePty(logger log.Entry, session ssh.Session, privilegeResu`
`119`	`118`	`if err != nil {`
`120`	`119`	`logger.Errorf("Pty start failed: %v", err)`
`121`	`120`	`if err := session.Exit(1); err != nil {`
`122`		`- logger.Debugf(errExitSession, err)`
	`121`	`+ logSessionExitError(logger, err)`
`123`	`122`	`}`
`124`	`123`	`return false`
`125`	`124`	`}`
`@@ -178,18 +177,22 @@ func (s Server) handlePtyIO(logger log.Entry, session ssh.Session, ptyMgr *pty`
`178`	`177`
`179`	`178`	`go func() {`
`180`	`179`	`if _, err := io.Copy(ptmx, session); err != nil {`
`181`		`- logger.Debugf("Pty input copy error: %v", err)`
	`180`	`+ if !errors.Is(err, io.EOF) && !errors.Is(err, syscall.EIO) {`
	`181`	`+ logger.Warnf("Pty input copy error: %v", err)`
	`182`	`+ }`
`182`	`183`	`}`
`183`	`184`	`}()`
`184`	`185`
`185`	`186`	`go func() {`
`186`	`187`	`defer func() {`
`187`		`- if err := session.Close(); err != nil {`
	`188`	`+ if err := session.Close(); err != nil && !errors.Is(err, io.EOF) {`
`188`	`189`	`logger.Debugf("session close error: %v", err)`
`189`	`190`	`}`
`190`	`191`	`}()`
`191`	`192`	`if _, err := io.Copy(session, ptmx); err != nil {`
`192`		`- logger.Debugf("Pty output copy error: %v", err)`
	`193`	`+ if !errors.Is(err, io.EOF) && !errors.Is(err, syscall.EIO) {`
	`194`	`+ logger.Warnf("Pty output copy error: %v", err)`
	`195`	`+ }`
`193`	`196`	`}`
`194`	`197`	`}()`
`195`	`198`	`}`
`@@ -229,7 +232,7 @@ func (s Server) handlePtySessionCancellation(logger log.Entry, session ssh.Ses`
`229`	`232`	`}`
`230`	`233`
`231`	`234`	`if err := session.Exit(130); err != nil {`
`232`		`- logger.Debugf(errExitSession, err)`
	`235`	`+ logSessionExitError(logger, err)`
`233`	`236`	`}`
`234`	`237`	`}`
`235`	`238`
`@@ -243,7 +246,7 @@ func (s Server) handlePtyCommandCompletion(logger log.Entry, session ssh.Sessi`
`243`	`246`	`// Normal completion`
`244`	`247`	`logger.Debugf("Pty command completed successfully")`
`245`	`248`	`if err := session.Exit(0); err != nil {`
`246`		`- logger.Debugf(errExitSession, err)`
	`249`	`+ logSessionExitError(logger, err)`
`247`	`250`	`}`
`248`	`251`	`}`
`249`	`252`
Original file line number	Diff line number	Diff line change
`@@ -266,9 +266,8 @@ func (s Server) prepareCommandEnv(localUser user.User, session ssh.Session) []`
`266`	`266`	`}`
`267`	`267`
`268`	`268`	`func (s Server) handlePty(logger log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, ptyReq ssh.Pty, winCh <-chan ssh.Window) bool {`
`269`		`- localUser := privilegeResult.User`
`270`	`269`	`cmd := session.Command()`
`271`		`- logger.Infof("executing Pty command for %s from %s: %s", localUser.Username, session.RemoteAddr(), safeLogCommand(cmd))`
	`270`	`+ logger.Infof("executing Pty command: %s", safeLogCommand(cmd))`
`272`	`271`
`273`	`272`	`// Always use user switching on Windows - no direct execution`
`274`	`273`	`s.handlePtyWithUserSwitching(logger, session, privilegeResult, ptyReq, winCh, cmd)`
`@@ -317,7 +316,7 @@ func (s Server) handlePtyWithUserSwitching(logger log.Entry, session ssh.Sessi`
`317`	`316`	`logger.Debugf(errWriteSession, writeErr)`
`318`	`317`	`}`
`319`	`318`	`if err := session.Exit(1); err != nil {`
`320`		`- logger.Debugf(errExitSession, err)`
	`319`	`+ logSessionExitError(logger, err)`
`321`	`320`	`}`
`322`	`321`	`return`
`323`	`322`	`}`
Original file line number	Diff line number	Diff line change
`@@ -16,22 +16,19 @@ import (`
`16`	`16`	`// sessionHandler handles SSH sessions`
`17`	`17`	`func (s *Server) sessionHandler(session ssh.Session) {`
`18`	`18`	`sessionKey := s.registerSession(session)`
	`19`	`+ logger := log.WithField("session", sessionKey)`
	`20`	`+ logger.Infof("SSH session started")`
`19`	`21`	`sessionStart := time.Now()`
`20`	`22`
`21`		`- logger := log.WithField("session", sessionKey)`
`22`	`23`	`defer s.unregisterSession(sessionKey, session)`
`23`	`24`	`defer func() {`
`24`		`- duration := time.Since(sessionStart)`
`25`		`- if err := session.Close(); err != nil {`
`26`		`- logger.Debugf("close session after %v: %v", duration, err)`
`27`		`- return`
	`25`	`+ duration := time.Since(sessionStart).Round(time.Millisecond)`
	`26`	`+ if err := session.Close(); err != nil && !errors.Is(err, io.EOF) {`
	`27`	`+ logger.Warnf("close session after %v: %v", duration, err)`
`28`	`28`	`}`
`29`		`-`
`30`		`- logger.Debugf("session closed after %v", duration)`
	`29`	`+ logger.Infof("SSH session closed after %v", duration)`
`31`	`30`	`}()`
`32`	`31`
`33`		`- logger.Infof("establishing SSH session for %s from %s", session.User(), session.RemoteAddr())`
`34`		`-`
`35`	`32`	`privilegeResult, err := s.userPrivilegeCheck(session.User())`
`36`	`33`	`if err != nil {`
`37`	`34`	`s.handlePrivError(logger, session, err)`
`@@ -61,7 +58,7 @@ func (s Server) rejectInvalidSession(logger log.Entry, session ssh.Session) {`
`61`	`58`	`logger.Debugf(errWriteSession, err)`
`62`	`59`	`}`
`63`	`60`	`if err := session.Exit(1); err != nil {`
`64`		`- logger.Debugf(errExitSession, err)`
	`61`	`+ logSessionExitError(logger, err)`
`65`	`62`	`}`
`66`	`63`	`logger.Infof("rejected non-Pty session without command from %s", session.RemoteAddr())`
`67`	`64`	`}`
`@@ -86,7 +83,6 @@ func (s *Server) registerSession(session ssh.Session) SessionKey {`
`86`	`83`	`s.sessions[sessionKey] = session`
`87`	`84`	`s.mu.Unlock()`
`88`	`85`
`89`		`- log.WithField("session", sessionKey).Debugf("registered SSH session")`
`90`	`86`	`return sessionKey`
`91`	`87`	`}`
`92`	`88`
`@@ -111,7 +107,6 @@ func (s *Server) unregisterSession(sessionKey SessionKey, _ ssh.Session) {`
`111`	`107`	`}`
`112`	`108`
`113`	`109`	`s.mu.Unlock()`
`114`		`- log.WithField("session", sessionKey).Debugf("unregistered SSH session")`
`115`	`110`	`}`
`116`	`111`
`117`	`112`	`func (s Server) handlePrivError(logger log.Entry, session ssh.Session, err error) {`
`@@ -123,7 +118,7 @@ func (s Server) handlePrivError(logger log.Entry, session ssh.Session, err err`
`123`	`118`	`logger.Debugf(errWriteSession, writeErr)`
`124`	`119`	`}`
`125`	`120`	`if exitErr := session.Exit(1); exitErr != nil {`
`126`		`- logger.Debugf(errExitSession, exitErr)`
	`121`	`+ logSessionExitError(logger, exitErr)`
`127`	`122`	`}`
`128`	`123`	`}`
`129`	`124`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ func (s Server) handlePty(logger log.Entry, session ssh.Session, _ PrivilegeCh`
`16`	`16`	`logger.Debugf(errWriteSession, err)`
`17`	`17`	`}`
`18`	`18`	`if err := session.Exit(1); err != nil {`
`19`		`- logger.Debugf(errExitSession, err)`
	`19`	`+ logSessionExitError(logger, err)`
`20`	`20`	`}`
`21`	`21`	`return false`
`22`	`22`	`}`