How to log pubkey used in a keyring
Walter Doud
wdoud at us.ibm.com
Sat May 13 00:42:17 EST 2006
Hi,
I'm trying to create a log of which key is being used to access a given
account.
I can turn auth.debug on, but that generates *copious* output to the log
file which isn't terribly desirable. Furthermore, the log's format from
one ssh implementation to the next varies, causes parsing complexities.
Tried a kludge using the "command=/some/path/to/script <ID>" prefix on
each key, where the script took the ID and logged it along with some of the
other ssh variables. However that meant either exec'ing the command being
sent from the remote system, or forcing the session into a specific shell.
Is there any other way to determine what key is used?
Thanks in advance,
Walt
Walter Doud
UNIX System Administrator
Information Technology Services Americas, Global Services, IBM
More information about the openssh-unix-dev
mailing list