sshd key comment logging
Joe Testa
jtesta at positronsecurity.com
Mon Jun 23 13:42:02 EST 2008
Hi,

I admin a box that has Subversion users authenticate with public keys
to a restricted 'svnuser' account. The comment fields of all the keys
describe who they belong to (they have their usernames), but unfortunately,
sshd does not log this when a user successfully authenticates:

Jun 21 08:18:22 localhost sshd[23636]: Accepted publickey for svnuser from x.x.x.x port 2065 ssh2
Jun 21 08:18:24 localhost sshd[23668]: Accepted publickey for svnuser from y.y.y.y port 2067 ssh2

The above two logins were for two distinct keys with distinct comment
fields. However, as you can see, the logs they generate are
indistinguishable; I can't easily tell which two users these are. I've
tested this against OpenSSH v5.0 with LogLevel set to VERBOSE.

Am I correct in that sshd does not support logging of the key's
comment field? If so, then I volunteer to implement the feature. Just
let me know and I'll get started. I'm looking forward to doing some
development work.

Thanks!

- Joe

--
Joseph S. Testa II | Senior Security Consultant
Positron Security, LLC.
http://www.positronsecurity.com
Phone: (585) 643-5900
AIM / Skype: TheRealJoeTesta
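
Added example, not part of the original post and not OpenSSH code: one way to attribute logins on a shared account by joining sshd's log to the comments in authorized_keys. It assumes an sshd release newer than the 5.0 tested above, whose "Accepted publickey" line ends with the key type and SHA256 fingerprint; the key blobs, addresses and log lines are constructed sample data.

```python
import base64, hashlib, re

# Key type, base64 blob, optional comment; any leading options are skipped.
KEY_RE = re.compile(r'(?:^|\s)(ssh-(?:rsa|dss|ed25519)|ecdsa-sha2-\S+)'
                    r'\s+([A-Za-z0-9+/]+=*)(?:\s+(.*))?$')
LOG_RE = re.compile(r'Accepted publickey for (\S+) from (\S+) port \d+ '
                    r'ssh2: \S+ (SHA256:\S+)')

def fingerprint(blob_b64):
    """SHA256 fingerprint in the unpadded base64 form sshd and ssh-keygen print."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def load_comments(authorized_keys_text):
    """Map fingerprint -> comment for every key line in authorized_keys."""
    table = {}
    for line in authorized_keys_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        if m:
            table[fingerprint(m.group(2))] = (m.group(3) or "(no comment)").strip()
    return table

def attribute(log_text, table):
    """Return (account, source address, key comment) for each accepted login."""
    return [(acct, addr, table.get(fp, "UNKNOWN KEY " + fp))
            for acct, addr, fp in LOG_RE.findall(log_text)]

# Constructed sample data: these blobs are not real public keys.
ALICE, BOB, GONE = (base64.b64encode(b"constructed-blob-" + n).decode()
                    for n in (b"alice", b"bob", b"removed"))
AUTHORIZED_KEYS = (f'command="svnserve -t",no-pty ssh-rsa {ALICE} alice\n'
                   f'ssh-ed25519 {BOB} bob\n')
PREFIX = "Jun 21 08:18:2%d localhost sshd[%d]: Accepted publickey for svnuser from "
LOG = ((PREFIX % (2, 23636)) + f"192.0.2.10 port 2065 ssh2: RSA {fingerprint(ALICE)}\n"
       + (PREFIX % (4, 23668)) + f"192.0.2.20 port 2067 ssh2: ED25519 {fingerprint(BOB)}\n"
       # A key that is no longer in authorized_keys must still be reported.
       + (PREFIX % (6, 23701)) + f"192.0.2.30 port 2069 ssh2: RSA {fingerprint(GONE)}\n")

if __name__ == "__main__":
    for row in attribute(LOG, load_comments(AUTHORIZED_KEYS)):
        print(*row)
```

Logins whose fingerprint is absent from the current authorized_keys are reported as UNKNOWN KEY rather than dropped, since a key removed after use is exactly the case an audit needs to see.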