Displaying 2 results from an estimated 2 matches for "auth_check_authkey_line".
2025 May 22
1
LogLevel INFO shows few details for Certificate invalid: not yet valid / expired
..."serial=%llu: %s", key->cert->key_id,
+ (unsigned long long)key->cert->serial, reason);
goto out;
}
}
diff --git a/auth2-pubkeyfile.c b/auth2-pubkeyfile.c
index c3bd24b..09ce37e 100644
--- a/auth2-pubkeyfile.c
+++ b/auth2-pubkeyfile.c
@@ -343,15 +343,15 @@ auth_check_authkey_line(struct passwd *pw, struct sshkey *key,
/* Parse and check options present in certificate */
if ((certopts = sshauthopt_from_cert(key)) == NULL) {
reason = "Invalid certificate options";
- goto fail_reason;
+ goto cert_fail_reason;
}
if (auth_authorise_keyopts(pw, certopts, 0,...
2025 May 21
1
LogLevel INFO shows few details for Certificate invalid: not yet valid / expired
On 4/5/25 15:01, Lars Nood?n wrote:
> I notice that when using log level INFO it seems sshd(8) provides very
> little information about failed SSH certificate log in attempts:
>
> Apr? 5 14:44:41 server sshd-session[51695]: error: Certificate invalid:
> not yet valid
>
> Apr? 5 14:45:31 server sshd-session[88953]: error: Certificate invalid:
> expired
>
>