Bug 3019 - Journal log for incoming public key connect not helpful to know origin
Summary: Journal log for incoming public key connect not helpful to know origin
Status: CLOSED DUPLICATE of bug 1674
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 7.9p1
Hardware: Other Linux
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-12 22:04 AEST by Dirk Stöcker
Modified: 2021-04-23 14:53 AEST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Stöcker 2019-06-12 22:04:36 AEST 
In case of an incomming SSH connection the journal contains the following entry:

Accepted publickey for root from ... port ... ssh2: ECDSA SHA256:...

that is not helpful to find the real source.

in authorized_keys the entries look like

ecdsa-sha2-nistp256 ... user@domain

It would be very helpful, when the above log message also contains the "user@domain" part. That would make the log message much more helpful. If not, the output should instead of the SHA256 at least contain the same format as the authorized_keys entry has.
Comment 1 Damien Miller 2020-01-25 23:25:21 AEDT 

*** This bug has been marked as a duplicate of bug 1674 ***
Comment 2 Damien Miller 2021-04-23 14:53:13 AEST 
closing resolved bugs as of 8.6p1 release