How to log pubkey used in a keyring

frank mohr f_mohr at yahoo.de
Sat May 13 01:55:55 EST 2006


Hi

without patching the sshd, the easiest way is to run it 
with LogLevel VERBOSE and parse the log for 
Found matching <keytype> key: <fingerprint>
messages.

if you search the list archive, you find several patches 
that add a log message for the key comment

frank

--- Walter Doud <wdoud at us.ibm.com> wrote:

> 
> Hi,
> 
> I'm trying to create a log of which key is being used to access a
> given
> account.
> 
> I can turn auth.debug on, but that generates *copious* output to the
> log
> file which isn't terribly desirable.  Furthermore, the log's format
> from
> one ssh implementation to the next varies, causes parsing
> complexities.
> 
> Tried a kludge using the "command=/some/path/to/script <ID>"  prefix
> on
> each key, where the script took the ID and logged it along with some
> of the
> other ssh variables.  However that meant either exec'ing the command
> being
> sent from the remote system, or forcing the session into a specific
> shell.
> 
> Is there any other way to determine what key is used?
> 
> Thanks in advance,
>    Walt
> 
> Walter Doud
> UNIX System Administrator
> Information Technology Services Americas, Global Services, IBM
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the openssh-unix-dev mailing list