sshd key comment logging

Joe Testa jtesta at
Mon Jun 23 13:42:02 EST 2008


   I admin a box that has Subversion users authenticate with public keys
to a restricted 'svnuser' account.  The comment field of all the keys
describe who they belong to (it has their usernames), but unfortunately,
sshd does not log this when a user successfully authenticates:

   Jun 21 08:18:22 localhost sshd[23636]: Accepted publickey for svnuser
from x.x.x.x port 2065 ssh2
   Jun 21 08:18:24 localhost sshd[23668]: Accepted publickey for svnuser
from y.y.y.y port 2067 ssh2

   The above two logins were for two distinct keys with distinct comment
fields.  However, as you can see, the logs they generate are
indistinguishable; I can't easily tell what two users these are.  I've
tested this against OpenSSH v5.0 with LogLevel set to VERBOSE.

   Am I correct in that sshd does not support logging of the key's
comment field?  If so, then I volunteer to implement the feature.  Just
let me know and I'll get started.  I'm looking forward to doing some
development work.

   - Joe

Joseph S. Testa II | Senior Security Consultant
Positron Security, LLC.

Phone: (585) 643-5900
AIM / Skype:  TheRealJoeTesta

More information about the openssh-unix-dev mailing list