openssh bugs - Nov 2018 - [Bug 2934] New: Getting Pubkey Fingerprint Used to Authenticate Current Session

https://bugzilla.mindrot.org/show_bug.cgi?id=2934

            Bug ID: 2934
           Summary: Getting Pubkey Fingerprint Used to Authenticate
                    Current Session
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: support at eggplantsd.com

It would be nice to have an authoritative way to get the pubkey
fingerprint used to authenticate the current session.  It could be a
new utility, an option to an existing utility, or maybe just an
environment variable.

This has already been partially addressed in 2082, but as a log
entry--which is fine for purely informational purposes.  Yet, if anyone
wants to branch out and build functionality with that information, the
log is a very brittle way to do it.  What if the format changes?  What
if my distro's maintainers move it?  What if I don't have access to it?
 etc, etc.

There is already a stackexchange post on the topic--which illustrates
the levels of sed wrangling and distro compensation that arise from
depending solely upon the log:

https://unix.stackexchange.com/questions/15575/can-i-find-out-which-ssh-key-was-used-to-access-an-account

One usage example would be having a git repo under a single machine
account with multiple users under `authorized_keys` for shared
development.

Another would be logging into my own account from different machines
(with different keys), and wanting to script different behavior
depending on which key was used.

I know most of this could be faked with command= and environment=, but
those solutions seem excessively manual.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2934

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from Damien Miller <djm at mindrot.org> ---


*** This bug has been marked as a duplicate of bug 2408 ***

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2934

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.