logging the public key

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Feb 5 07:48:46 EST 2011


On 02/04/2011 11:44 AM, Anthony R Fletcher wrote:
> Can openssh log which public key, as listed in the authorized keys file,
> was used to log in? If so, how?
> 
> I don't see a config option, so I'm currently using a custom command via
> 	COMMAND="....." ssh-dss AAAAB3Nza..... key1
> 	COMMAND="....." ssh-dss AAAABFFFF..... key2
> to log the key. It would be nice if there was a better way.
> Suggestions?

setting the LogLevel to verbose (usually in /etc/ssh/sshd_config) should
log the fingerprint of the key used.

hth,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20110204/e9ce7b86/attachment.bin>


More information about the openssh-unix-dev mailing list