Bug 1523 - Log public key identifier on pubkey login
Summary: Log public key identifier on pubkey login
Status: CLOSED WORKSFORME
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd
Version: 5.1p1
Hardware: All All
Importance: P2 enhancement
Assignee: Assigned to nobody
Reported: 2008-09-06 03:27 AEST by jm9991
Modified: 2009-02-23 13:36 AEDT
Description jm9991 2008-09-06 03:27:46 AEST
It would be useful for auditing purposes if sshd logged something that identified which public key inside was used during a pubkey login, such as the key comment from the authorized_keys file or key-id of some sort. Currently it only records that a pubkey was used.
Comment 1 Damien Miller 2008-12-08 10:01:52 AEDT
Please use loglevel=verbose in sshd_config, it already does what you want:

Dec  8 09:19:14 fuyu sshd[1113]: Found matching RSA key: a3:26:13:88:0d:68:21:7f:1c:b8:b3:3b:f1:7f:18:30
Dec  8 09:19:14 fuyu sshd[1113]: Accepted publickey for djm from 127.0.0.1 port 44159 ssh2
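
For the auditing use case in the description, the fingerprint in the verbose log can be mapped back to an authorized_keys comment. The following is an added example, not part of the original thread or of OpenSSH: it pairs "Found matching" and "Accepted publickey" lines by sshd PID, and the key blobs, comments and second login line are constructed sample data.

```python
import base64, hashlib, re

KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # assumption: key types of the 5.x era; extend as needed

def md5_fingerprint(b64_blob):
    """Colon-separated MD5 of the decoded key blob, the format in the log above."""
    digest = hashlib.md5(base64.b64decode(b64_blob)).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def index_authorized_keys(text):
    """Map fingerprint -> comment for each key line (an options prefix is tolerated)."""
    index = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        for i, field in enumerate(fields[:-1]):
            if field in KEY_TYPES:
                index[md5_fingerprint(fields[i + 1])] = " ".join(fields[i + 2:]) or "(no comment)"
                break
    return index

FOUND = re.compile(r"sshd\[(\d+)\]: Found matching \w+ key: ([0-9a-f:]{47})")
ACCEPTED = re.compile(r"sshd\[(\d+)\]: Accepted publickey for (\S+) from (\S+) port \d+")

def correlate(log_lines, index):
    """Pair each accepted login with the key last matched by the same sshd PID."""
    last_fp, logins = {}, []
    for line in log_lines:
        m = FOUND.search(line)
        if m:
            last_fp[m.group(1)] = m.group(2)
            continue
        m = ACCEPTED.search(line)
        if m:
            fp = last_fp.pop(m.group(1), None)  # None: no fingerprint was logged
            logins.append((m.group(2), m.group(3), fp, index.get(fp, "unknown key")))
    return logins

# Constructed sample data: the blobs are placeholder bytes, not real keys.
BLOB_A = base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + b"constructed-a").decode()
BLOB_B = base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + b"constructed-b").decode()
AUTHORIZED_KEYS = f'ssh-rsa {BLOB_A} alice@laptop\nfrom="127.0.0.1" ssh-rsa {BLOB_B} backup job\n'
SAMPLE_LOG = [
    f"Dec  8 09:19:14 fuyu sshd[1113]: Found matching RSA key: {md5_fingerprint(BLOB_B)}",
    "Dec  8 09:19:14 fuyu sshd[1113]: Accepted publickey for djm from 127.0.0.1 port 44159 ssh2",
    "Dec  8 09:20:02 fuyu sshd[1120]: Accepted publickey for djm from 127.0.0.1 port 44160 ssh2",
]

if __name__ == "__main__":
    for login in correlate(SAMPLE_LOG, index_authorized_keys(AUTHORIZED_KEYS)):
        print(login)
```

Later OpenSSH releases log SHA256 fingerprints by default, so the fingerprint function has to match the format the server actually emits.
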
Comment 2 Damien Miller 2009-02-23 13:36:25 AEDT
Close bugs fixed/reviewed for openssh-5.2 release