bugzilla-daemon at bugzilla.mindrot.org
2008-Sep-05 17:27 UTC
[Bug 1523] New: Log public key identifier on pubkey login
https://bugzilla.mindrot.org/show_bug.cgi?id=1523
Summary: Log public key identifier on pubkey login
Product: Portable OpenSSH
Version: 5.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: jm9991 at att.com
It would be useful for auditing purposes if sshd logged something that
identified which public key inside was used during a pubkey login, such
as the key comment from the authorized_keys file or key-id of some
sort. Currently it only records that a pubkey was used.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Dec-07 23:01 UTC
[Bug 1523] Log public key identifier on pubkey login
https://bugzilla.mindrot.org/show_bug.cgi?id=1523
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> 2008-12-08
10:01:52 ---
Please use loglevel=verbose in sshd_config, it already does what you
want:
Dec 8 09:19:14 fuyu sshd[1113]: Found matching RSA key:
a3:26:13:88:0d:68:21:7f:1c:b8:b3:3b:f1:7f:18:30
Dec 8 09:19:14 fuyu sshd[1113]: Accepted publickey for djm from
127.0.0.1 port 44159 ssh2
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Feb-23 02:36 UTC
[Bug 1523] Log public key identifier on pubkey login
https://bugzilla.mindrot.org/show_bug.cgi?id=1523
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> 2009-02-23
13:36:25 ---
Close bugs fixed/reviewed for openssh-5.2 release
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- Patch for ssh-keygen to allow conversion of public key to openssh format
- [Bug 1526] New: SSH key prompt if public key missing and pubkey auth fails
- [Bug 2342] New: ssh-keygen gives wrong error loading public key message
- [Bug 2415] New: Public key failures are not counted and therefore not logged into syslog
- removing keys from ssh-agent without having key file