
Mailing List Archive: OpenSSH: Users

logging the public key

 

 



arif at mail

Feb 4, 2011, 11:40 AM

logging the public key

We are running OpenSSH versions 4.3 and 5.5 on a mixture of CentOS 5,
Debian and Fedora 14 systems.

Can OpenSSH log which public key, as listed in the authorized keys
file, was used to log in? If so, how? This would be useful for
auditing purposes.

I don't see a config option, so I'm currently using a custom command via
COMMAND="....." ssh-dss AAAAB3Nza..... key1
COMMAND="....." ssh-dss AAAABFFFF..... key2
to log the key. It would be nice if there was a better way.
Suggestions?

Anthony.


maria at iano

Feb 7, 2011, 9:40 AM

Re: logging the public key

I turn on debugging in sshd_config and that way the key fingerprints
are recorded when people log in. I move the logging out of messages
though because then you get so much. I wish they'd add an option just
to record the keys without all the other debugging info.

Maria

On Feb 4, 2011, at 2:40 PM, Anthony R Fletcher wrote:

> We are running OpenSSH versions 4.3 and 5.5 on a mixture of CentOS 5,
> Debian and Fedora 14 systems.
>
> Can OpenSSH log which public key, as listed in the authorized keys
> file, was used to log in? If so, how? This would be useful for
> auditing purposes.
>
> I don't see a config option, so I'm currently using a custom command
> via
> COMMAND="....." ssh-dss AAAAB3Nza..... key1
> COMMAND="....." ssh-dss AAAABFFFF..... key2
> to log the key. It would be nice if there was a better way.
> Suggestions?
>
> Anthony.
>
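
Added example (not written by either poster and not OpenSSH code): once sshd records key fingerprints, as described in the reply above, each one still has to be matched back to a line in the authorized keys file to be useful for auditing. This Python sketch indexes the file by MD5 and SHA256 fingerprint and attributes log lines to key comments. The key blobs, user name, addresses, the `/usr/local/bin/audit` path and the log lines are constructed, and the exact sshd message wording is an assumption.

```python
import base64
import hashlib
import re

FP_RE = re.compile(r"(?:[0-9a-f]{2}:){15}[0-9a-f]{2}|SHA256:[A-Za-z0-9+/]{43}")
KEY_TYPE_RE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-\S+)$")
# One field = run of non-space chars; a "quoted value" (spaces included) stays inside it.
FIELD_RE = re.compile(r'(?:[^\s"]|"(?:\\.|[^"\\])*")+')

def fingerprints(blob_b64):
    """Return (MD5 colon-hex, SHA256 base64) fingerprints of a base64 key blob."""
    raw = base64.b64decode(blob_b64)
    md5 = hashlib.md5(raw, usedforsecurity=False).hexdigest()
    sha = base64.b64encode(hashlib.sha256(raw).digest()).decode().rstrip("=")
    return ":".join(md5[i:i + 2] for i in range(0, 32, 2)), "SHA256:" + sha

def index_authorized_keys(text):
    """Map both fingerprints of every key line to that line's comment field."""
    index = {}
    for line in text.splitlines():
        fields = FIELD_RE.findall(line)
        if not fields or fields[0].startswith("#"):
            continue
        start = 0 if KEY_TYPE_RE.match(fields[0]) else 1  # skip the options field
        if len(fields) < start + 2 or not KEY_TYPE_RE.match(fields[start]):
            continue  # not a key line
        try:
            fps = fingerprints(fields[start + 1])
        except ValueError:  # blob is not valid base64
            continue
        for fp in fps:
            index[fp] = " ".join(fields[start + 2:]) or "(no comment)"
    return index

def attribute_logins(log_text, index):
    """Return (log line, key comment or None) for each line carrying a fingerprint."""
    return [(line, index.get(m.group(0))) for line in log_text.splitlines()
            if (m := FP_RE.search(line))]

# Constructed sample data: fake key blobs, not real keys; log wording is assumed.
BLOB1 = base64.b64encode(b"\x00\x00\x00\x07ssh-dss" + b"constructed key 1").decode()
BLOB2 = base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + b"constructed key 2").decode()
AUTHORIZED_KEYS = f'command="/usr/local/bin/audit key1" ssh-dss {BLOB1} key1\nssh-rsa {BLOB2} key2\n'
SAMPLE_LOG = "\n".join([
    f"sshd[4211]: Found matching DSA key: {fingerprints(BLOB1)[0]}",
    f"sshd[4390]: Accepted publickey for anthony from 192.0.2.10 port 50022 ssh2: RSA {fingerprints(BLOB2)[1]}",
    "sshd[4400]: Accepted publickey for anthony from 192.0.2.11 port 50100 ssh2: RSA SHA256:" + "A" * 43,
])
```

A result of `None` for a line means the fingerprint matches no key currently in the file, which is itself worth flagging in an audit.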
