Hello.
I would like a way to indicate to sshd(8) that it should log the public
key comment (from AuthorizedKeysFile / AuthorizedKeysCommand) in
addition to, or instead of, the public key fingerprint, when printing
the key details to syslog, during logging of the "Accepted publickey for
..." message.
Obviously this would require some sanitisation, such as a reasonable
maximum length.
Note that if this is implemented, the sshd(8) manpage will have to be
updated, as it currently states that the "comment field is not used for
anything".
Regards,
Aaron Jones
I would like a way to indicate to sshd(8) that it should log the public
key comment (from AuthorizedKeysFile / AuthorizedKeysCommand) in
addition to, or instead of, the public key fingerprint, when printing
the key details to syslog, during logging of the "Accepted publickey for
..." message.
Obviously this would require some sanitisation, such as a reasonable
maximum length.
Note that if this is implemented, the sshd(8) manpage will have to be
updated, as it currently states that the "comment field is not used for
anything".
Regards,
Aaron Jones
Attached Files:
-
OpenPGP_signature (0.81 KB)