Secure Shell
logging the public key Feb 04 2011 07:40PM
Anthony R Fletcher (arif mail nih gov) (1 replies)
Re: logging the public key Feb 07 2011 05:40PM
Maria Iano (maria iano org)
I turn on debugging in sshd_config and that way the key fingerprints
are recorded when people log in. I move the logging out of messages
though because then you get so much. I wish they'd add an option just
to record the keys without all the other debugging info.

Maria

On Feb 4, 2011, at 2:40 PM, Anthony R Fletcher wrote:

> We are running OpenSSH versions 4.3 and 5.5 on a mixture of CentOS 5,
> Debian and Fedora 14 systems.
>
> Can OpenSSH log which public key, as listed in the authorized keys
> file, was used to log in? If so, how? This would be useful for
> auditing purposes.
>
> I don't see a config option, so I'm currently using a custom command
> via
> COMMAND="....." ssh-dss AAAAB3Nza..... key1
> COMMAND="....." ssh-dss AAAABFFFF..... key2
> to log the key. It would be nice if there was a better way.
> Suggestions?
>
> Anthony.
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus