On Tue, Jan 24, 2006 at 11:04:33AM -0700, Spruell, Darren-Perot wrote: > Is it possible to have sshd log information about the key used to > authenticate to a given user account upon connection? > > Our situation is that we have a user account that multiple people have > access to log into to retrieve files. Each user authenticates to that > account with their own SSH key. Current log entry shows: > > Jan 24 11:01:20 sftp sshd[23555]: Accepted publickey for transfers from > 10.2.58.44 port 1420 ssh2 > > Would be useful to have information logged for the connection identifying > the key used to authenticate, by the key comment if possible. Does sshd > already have this capability? Would anyone consider this a useful feature > addition?
Have you tried LogLevel VERBOSE in sshd_config(5)? That prints lines like 'Found matching DSA key: <fingerprint>" in the log file. Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
