Key comment to syslog on login

Jim Knoble jmknoble at
Thu Nov 21 06:54:19 EST 2002

Circa 2002-11-20 11:03:12 +0000 dixit R.A.Owen:

: Hello,
: Firstly thankyou for developing openssh - it is a great tool.
: Secondly I'm not subscribed to this list - sorry!
: It would be helpful to log the key comment to syslog when logging in using
: private key authentication.

Key comments can be manipulated by the user who has the key.  Putting
them in the log would produce a false sense that you know what's going
on.  The fingerprints, however, are not able to be changed.

: Perhaps the syslog message should include the key fingerprint too/instead
: of the  key_comment. ie: [...]

The key fingerprint is logged if you set LogLevel to VERBOSE in

: I'm sure I would not be the only one to benifit from a better audit trail.
: I have looked briefly at the code but I'm not up to the job so no patch is
: attached!
: I hope that you find this idea a usefull one and that it get's added to
: the "ToDo" list.

Actually, it's added to the "Done" list.  ;)

jim knoble  |  jmknoble at  |
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable."  --Enik the Altrusian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 262 bytes
Desc: not available
Url : 

More information about the openssh-unix-dev mailing list