logging the public key
We are running OpenSSH versions 4.3 and 5.5 on a mixture of CentOS 5,
Debian and Fedora 14 systems.

Can OpenSSH log which public key, as listed in the authorized keys
file, was used to log in? If so, how? This would be useful for
auditing purposes.

I don't see a config option, so I'm currently using a custom command via
COMMAND="....." ssh-dss AAAAB3Nza..... key1
COMMAND="....." ssh-dss AAAABFFFF..... key2
to log the key. It would be nice if there was a better way.
Suggestions?

Anthony.
Re: logging the public key
I turn on debugging in sshd_config and that way the key fingerprints
are recorded when people log in. I move the logging out of messages
though because then you get so much. I wish they'd add an option just
to record the keys without all the other debugging info.

Maria

On Feb 4, 2011, at 2:40 PM, Anthony R Fletcher wrote:

> We are running OpenSSH versions 4.3 and 5.5 on a mixture of CentOS 5,
> Debian and Fedora 14 systems.
>
> Can OpenSSH log which public key, as listed in the authorized keys
> file, was used to log in? If so, how? This would be useful for
> auditing purposes.
>
> I don't see a config option, so I'm currently using a custom command
> via
> COMMAND="....." ssh-dss AAAAB3Nza..... key1
> COMMAND="....." ssh-dss AAAABFFFF..... key2
> to log the key. It would be nice if there was a better way.
> Suggestions?
>
> Anthony.
>
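An added example, not code from either poster or from OpenSSH: one way to turn the logged fingerprints Maria describes into the authorized_keys entry that was used. It assumes the log contains a `Found matching <type> key: <MD5 fingerprint>` line from the same sshd PID as the `Accepted publickey` line; the key blobs, host, user and address are constructed sample data.

```python
import base64, hashlib, re

KEY_RE = re.compile(r'(ssh-(?:rsa|dss))\s+([A-Za-z0-9+/=]+)(?:\s+(.*))?$')
FOUND_RE = re.compile(
    r'sshd\[(\d+)\]: Found matching \w+ key: ((?:[0-9a-f]{2}:){15}[0-9a-f]{2})')
ACCEPT_RE = re.compile(r'sshd\[(\d+)\]: Accepted publickey for (\S+) from (\S+)')

def md5_fingerprint(b64_blob):
    """Colon-separated MD5 of the decoded key blob (legacy fingerprint format)."""
    digest = hashlib.md5(base64.b64decode(b64_blob)).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def index_authorized_keys(text):
    """Map fingerprint -> comment for each key line, skipping leading options."""
    index = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        if m:
            index[md5_fingerprint(m.group(2))] = m.group(3) or "(no comment)"
    return index

def audit_logins(log_text, key_index):
    """Return (user, source, key label) per accepted login, joined on sshd PID."""
    seen, logins = {}, []
    for line in log_text.splitlines():
        m = FOUND_RE.search(line)
        if m:
            seen[m.group(1)] = m.group(2)   # remember fingerprint for this PID
            continue
        m = ACCEPT_RE.search(line)
        if m:
            label = key_index.get(seen.get(m.group(1)), "UNKNOWN KEY")
            logins.append((m.group(2), m.group(3), label))
    return logins

# Constructed sample data: these blobs are placeholders, not real DSA keys.
BLOB1 = base64.b64encode(b"constructed key blob 1").decode()
BLOB2 = base64.b64encode(b"constructed key blob 2").decode()
AUTHORIZED_KEYS = ('command="....." ssh-dss %s key1\n'
                   'ssh-dss %s key2\n' % (BLOB1, BLOB2))
SAMPLE_LOG = (
    "Feb  4 14:40:01 host sshd[4242]: Found matching DSA key: %s\n"
    "Feb  4 14:40:01 host sshd[4242]: Accepted publickey for anthony "
    "from 192.0.2.10 port 50514 ssh2\n" % md5_fingerprint(BLOB2))

if __name__ == "__main__":
    print(audit_logins(SAMPLE_LOG, index_authorized_keys(AUTHORIZED_KEYS)))
```

A login that reports `UNKNOWN KEY` means the fingerprint in the log matches no entry in the authorized_keys text that was indexed, which is worth a closer look during an audit.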