export public key to environment
Jakub Jelen
jjelen at redhat.com
Wed Nov 14 20:17:21 AEDT 2018
On Wed, 2018-11-14 at 11:59 +1030, David Newall wrote:
> Hello all,
>
> Some while ago I developed a small patch for sshd, for internal
> consumption, so that, when a client uses a private key, the
> corresponding public key is exported in the environment. I use it to
> identify which of a multitude of devices is logged in to a shared
> account, but I'm sure there are many uses to which it could be put.
> Now, I wonder whether there already was a way of achieving the same
> result. I need to be able to identify previously unseen devices, so I
> cannot just store the public key (c.f. authorized_keys) before use.
>
> If this patch does indeed provide a new function (could not otherwise
> achieve the desired outcome), is it something which would be welcomed
> for inclusion in the official source? I've attached the patch so that
> you can see what's involved.

Hello,

If I am right, something like this was solved a few releases back
(OpenSSH 7.6) based on bug #2408 [1], which handles this in a more
general manner (expose information about all authentication methods
that succeeded).

A brief description can be found in the manual page of sshd_config under
the ExposeAuthInfo option. Most of the source code can be found here
[2].

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2408
[2] https://anongit.mindrot.org/openssh.git/commit/?id=8f574959

Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
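
An added example, not part of the original messages or of OpenSSH: with ExposeAuthInfo enabled, a session script can read the file named by SSH_USER_AUTH and turn the key that authenticated into a fingerprint for identifying the device. It assumes lines of the form `publickey <type> <base64>`; the names `AuthEntry`, `parse_auth_info` and the sample data are constructed for illustration.

```python
import base64
import hashlib
import os
from typing import NamedTuple, Optional


class AuthEntry(NamedTuple):
    method: str                 # e.g. "publickey", "password"
    key_type: Optional[str]     # e.g. "ssh-ed25519"; None for non-key methods
    fingerprint: Optional[str]  # "SHA256:..." in the style of ssh-keygen -l


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint: unpadded base64 of the blob's digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_auth_info(text: str) -> list:
    """Parse the SSH_USER_AUTH file: one successful auth method per line."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] != "publickey" or len(fields) < 3:
            entries.append(AuthEntry(fields[0], None, None))
            continue
        key_type = fields[1]
        blob = base64.b64decode(fields[2], validate=True)
        # The blob begins with a length-prefixed copy of the key type;
        # refuse a line whose text label disagrees with the blob.
        n = int.from_bytes(blob[:4], "big")
        if blob[4:4 + n] != key_type.encode():
            raise ValueError("key type does not match key blob")
        entries.append(AuthEntry("publickey", key_type, fingerprint(blob)))
    return entries


# Constructed sample: a syntactically valid ed25519 blob with dummy key bytes.
SAMPLE_BLOB = ((11).to_bytes(4, "big") + b"ssh-ed25519"
               + (32).to_bytes(4, "big") + bytes(range(32)))
SAMPLE = ("publickey ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode()
          + "\npassword\n")

if __name__ == "__main__":
    path = os.environ.get("SSH_USER_AUTH")
    text = open(path).read() if path else SAMPLE
    for entry in parse_auth_info(text):
        print(entry.method, entry.key_type or "-", entry.fingerprint or "-")
```

Because the fingerprint is computed from whatever key was presented, it can be logged for devices not seen before and compared on later logins.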