search for: 02t12

...1.1w 11 Sep 2023) the same error occurs. $ /opt/openssh-9.2p1/bin/ssh -p 2232 root at 192.168.1.2 -vvvvv ... debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent Connection reset by 192.168.1.2 port 2232 The server log messages from `/var/log/auth.log` are 2023-12-02T12:28:41.051665-08:00 host1 sshd[3790]: Connection from 192.168.1.3 port 62155 on 192.168.1.2 port 2232 rdomain "" 2023-12-02T12:28:41.050817-08:00 host1 sshd[3790]: Connection from 192.168.1.3 port 62155 on 192.168.1.2 port 2232 rdomain "" 2023-12-02T12:28:41.053381-08:00 host1 au...

I notice that when using log level INFO it seems sshd(8) provides very little information about failed SSH certificate log in attempts: Apr 5 14:44:41 server sshd-session[51695]: error: Certificate invalid: not yet valid Apr 5 14:45:31 server sshd-session[88953]: error: Certificate invalid: expired Likewise for invalid principals: Apr 5 14:46:56 server sshd-session[66692]: error:

...ll that. But here is an illustration of how it could be: Apr 5 14:44:41 server sshd-session[51695]: error: Certificate invalid: not yet valid, id=abcdefg serial=23456 and Apr 5 14:45:31 server sshd-session[88953]: error: Certificate invalid: expired, id=abcdefg serial=23456 date=2025-04-02T12:45:47 and Apr 5 14:46:56 server sshd-session[66692]: error: Certificate invalid: name is not a listed principal, id=abcdefg serial=23456 name=someone Perhaps for all those the reason variable in sshkey.c would be the place to append the id and serial number. When authentication is refused...