search for: aaaab3nza

Can openssh log which public key, as listed in the authorized keys file, was used to log in? If so, how? I don't see a config option, so I'm currently using a custom command via COMMAND="....." ssh-dss AAAAB3Nza..... key1 COMMAND="....." ssh-dss AAAABFFFF..... key2 to log the key. It would be nice if there was a better way. Suggestions? Anthony. -- Anthony R Fletcher Room 2033, Building 12A, http://dcb.cit.nih.gov/~arif National Institutes of Health, arif at mail.nih.go...

...rted by %s@%s from OpenSSH", key_size(k), key_type(k), pw->pw_name, hostname); keygen.c:504: do_convert_from_ssh2(struct passwd *pw, Key **k, int *private) Step to reproduce: ssh-keygen -t rsa -C "a pretty useful comment" -f mykey1 cat mykey1.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUeyrplNBmRK+1icSgoF/0eh6kqzd9n9+KgzqHPWaj[..]/juD3ww2YXlvPxVmJ83Pgg9bi1gLU9vef7L6rtJ5W/FvMgqISqWggBlLwE52foWXhlwXSjgwVX5OnCEphyYXSya1ykBKcQZO7TPNog8MJ a pretty useful comment ssh-keygen -f mykey1.pub -e -m RFC4716 >mykey1-RFC4716.pub #do_convert_to_ssh2 cat mykey1-RFC4716.pu...

...le -- similar to the "permitopen"-option for -L style forwards. This is desirable if you want to have restricted accounts/keys that can only be used for -R style forwards on certain ports. With this example authorized_keys file: restrict,permitlisten="localhost:8080" ssh-rsa AAAAB3Nza... This is allowed: $ ssh -R 8080:localhost:80 root at localhost -N While this is not allowed (note port 8081): $ ssh -R 8081:localhost:80 root at localhost -N Error: remote port forwarding failed for listen port 8081 This is a preliminary patch (no support for a servconf option "PermitList...

https://bugzilla.mindrot.org/show_bug.cgi?id=1602 --- Comment #8 from Marc Herbert <marc.herbert+mindrot at gmail.com> --- Fun fact: ssh _does_ produce brackets for IPv6 addresses in .ssh/known_hosts: [review.openstack.org]:29418,[104.130.246.32]:29418 ssh-rsa AAAAB3NzaC1yc2... [review.openstack.org]:29418,[2001:4800:7819:103:be76:4eff:fe04:9229]:29418 ssh-rsa AAAAB3Nza... But it can't parse back what it printed itself: ssh ssh://[review.openstack.org]:29418 OK ssh ssh://[104.130.246.32]:29418 OK ssh ssh://[2001:...

...Host key verification seems to match in known_hosts against what was entered, but the error message when there is no match might be misunderstood when the destination was entered as an IP address, using a non-standard (but legal) format. ~/.ssh/known_hosts might have a listing: 10.8.1.1 ssh-rsa AAAAB3Nza... ... but if you were to ssh to 10.8.001.001 you will see a notice like: The authenticity of host '10.8.001.001 (10.8.1.1)' can't be established. ... assuming that you don't also have 10.8.001.001 in your known_hosts. Making this match both the entered address and the () value...

Hi, Appologies for a possibly inexact bug report but I've noticed a change in behaviour from openssh version 2.5.2p2 to 2.9p2. One of my many uses for openssh is setting up a secure tunnel from my home machine to an external mail server and using fetchmail over said tunnel. When done in this manner fetchmail actually starts up openssh. When I moved from 2.5.2p2 -> 2.9p2 (both compiled

...rsync -avz --rsh='ssh -p2222' /home/foor/bar/ mirror@myrsyndserver:mirror/ Still works fine ;) But my user can login in my box with SSH. So, after a couple of google, i found that i have to edit authorised_keys and put : command="rsync --daemon -vv --server ." ssh-rsa AAAAB3NzaC1............... But now, i have this error : $ rsync -avvvz --rsh='ssh -p2222' /home/foor/bar/ mirror@myrsyndserver:mirror/ opening connection using ssh -p2222 -l mirror myrsyndserver rsync --server -vvvlogDtprz . mirror/ rsync: connection unexpectedly closed (0 bytes receive...

...ext in the log="text" directive is appended to the log line, so you can easily tell which key is matched. For instance the line: log="hello world!",no-agent-forwarding,command="/bin/true",no-pty, no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7" ssh-rsa AAAAB3Nza....xcgaK9xXoU= alex at example.com produces a log line output like Oct 8 11:04:47 test sshd[18469]: Accepted publickey for testuser from 10.11.12.13 port 55580 ssh2 hello world! A more useful use case might be to put the key's comment in the log="" line. This has been tested on...

...you could check key-types supported by server: >$ ssh-keyscan localhost ># localhost SSH-2.0-OpenSSH_4.7 >localhost x509v3-sign-rsa Subject:C=XX,... ># localhost SSH-2.0-OpenSSH_4.7 >localhost x509v3-sign-dss Subject:C=XX,... ># localhost SSH-2.0-OpenSSH_4.7 >localhost ssh-rsa AAAAB3Nza.... ># localhost SSH-2.0-OpenSSH_4.7 >no hostkey alg > > >Command ssh-keyscan (see man page) scan for protocol version 2 keys by >default. > >Roumen >_______________________________________________ >openssh-unix-dev mailing list >openssh-unix-dev at mindrot.org &g...