bugzilla-daemon at mindrot.org
2007-Feb-09 15:19 UTC
[Bug 1282] Log which key used for authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1282 Summary: Log which key used for authentication Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Keywords: low-hanging-fruit Severity: security Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: bbeaudoin at peer1.com In INFO mode, the number of the key in .ssh/authorized_keys isn't logged (though sshd does log the fact a public key was used for authentication). The same issue occurs when a valid key is used from an invalid host (the system logs that a valid key was presented, but not which one). The man page states that DEBUG logging level is not recommended for privacy reasons; there is a real need to audit connections based on the keys used from which hosts. Could this logging feature be moved from DEBUG to INFO to alieviate audit concerns without the additional verbosity? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2007-Feb-09 18:31 UTC
[Bug 1282] Log which key used for authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1282 ------- Comment #1 from djm at mindrot.org 2007-02-10 05:31 ------- Have you tried "LogLevel VERBOSE"? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Reasonably Related Threads
- [Bug 1282] Log which key used for authentication
- [Bug 1468] New: sshd does not log failed attempts using key-based authentication only
- [Bug 1394] New: SCP used to overwrite key
- asterisk sip peer/user matching methods for authentication backwards?
- [Bug 1172] [PATCH] Restrict public key authentication to scp access only