Debian Bug report logs - #111598
sshd should log information about which key was used for login

Package: ssh; Maintainer for ssh is Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>; Source for ssh is src:openssh.

Reported by: Sam Vilain <sam@vilain.net>

Date: Fri, 7 Sep 2001 16:03:01 UTC

Severity: wishlist

Merged with 75043

Found in versions 1:2.2.0p1-1, 1:2.5.2p2-3

Fixed in version openssh/1:5.9p1-1

Done: Colin Watson <cjwatson@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to Matthew Vernon <matthew@debian.org>:
Bug#111598; Package ssh.


Acknowledgement sent to Sam Vilain <sam@vilain.net>:
New Bug report received and forwarded. Copy sent to Matthew Vernon <matthew@debian.org>.


Message #5 received at maintonly@bugs.debian.org:

From: Sam Vilain <sam@vilain.net>
To: Debian Bug Tracking System <maintonly@bugs.debian.org>
Subject: sshd should log information about which key was used for login
Date: Fri, 07 Sep 2001 16:55:49 +0100
Package: ssh
Version: 1:2.5.2p2-3
Severity: wishlist

It would be nice if ssh was to log the fingerprint of the key used to
log in, or perhaps the comment of the key.

I use purely RSA authentication to log in to servers directly as root
(and set allowrootlogin: no-password), but it would be nice if it
didn't generate the alarming looking "Accepted rsa for ROOT from...".
If the comment for that key was, eg "sam@vilain.net", then the message
could be something like "root login by sam@vilain.net from ..."

Sound sensible?

Cheers,
Sam.

-- System Information
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux hoffman 2.4.9 #1 Tue Sep 4 01:16:00 BST 2001 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages ssh depends on:
ii  debconf                       0.9.95     Debian configuration management sy
ii  libc6                         2.2.4-1    GNU C Library: Shared libraries an
ii  libpam-modules                0.72-30    Pluggable Authentication Modules f
ii  libpam0g                      0.72-30    Pluggable Authentication Modules l
ii  libssl0.9.6                   0.9.6a-3   SSL shared libraries
ii  libwrap0                      7.6-8.2    Wietse Venema's TCP wrappers libra
ii  zlib1g                        1:1.1.3-15 compression library - runtime




Information forwarded to debian-bugs-dist@lists.debian.org, Matthew Vernon <matthew@debian.org>, openssh@packages.qa.debian.org:
Bug#111598; Package ssh.


Acknowledgement sent to Colin Watson <cjwatson@debian.org>:
Extra info received and forwarded to list. Copy sent to Matthew Vernon <matthew@debian.org>, openssh@packages.qa.debian.org.


Message #10 received at 111598@bugs.debian.org:

From: Colin Watson <cjwatson@debian.org>
To: Sam Vilain <sam@vilain.net>
Cc: 111598@bugs.debian.org, Russell Coker <russell@coker.com.au>, 75043-quiet@bugs.debian.org, control@bugs.debian.org
Subject: Re: sshd should log information about which key was used for login
Date: Fri, 3 Jan 2003 18:43:27 +0000

merge 75043 111598
thanks

On Fri, Sep 07, 2001 at 04:55:49PM +0100, Sam Vilain wrote:
> Package: ssh
> Version: 1:2.5.2p2-3
> Severity: wishlist
> 
> It would be nice if ssh was to log the fingerprint of the key used to
> log in, or perhaps the comment of the key.

It would, and as of OpenSSH 3.1 it does log the key fingerprint if you
set 'LogLevel VERBOSE', like so:

  Jan  3 18:38:33 arborlon sshd[15224]: Connection from ::ffff:127.0.0.1 port 46983
  Jan  3 18:38:34 arborlon sshd[15224]: Failed none for cjwatson from ::ffff:127.0.0.1 port 46983 ssh2
  Jan  3 18:38:34 arborlon sshd[15224]: Found matching DSA key: 18:07:5f:c7:85:37:e5:bd:45:e5:0f:80:5e:7b:13:96
  Jan  3 18:38:34 arborlon sshd[15224]: Found matching DSA key: 18:07:5f:c7:85:37:e5:bd:45:e5:0f:80:5e:7b:13:96
  Jan  3 18:38:34 arborlon sshd[15224]: Accepted publickey for cjwatson from ::ffff:127.0.0.1 port 46983 ssh2

Unfortunately this only works for protocol 2, not protocol 1, when using
privilege separation. After staring at the code for a while, I've
figured out why, and reported it to openssh-unix-dev; I'll keep you
informed of progress on this.

This also appears to be bug #75043, so cc'ed there.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
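
Added example, not part of the message above and not OpenSSH code: a small parser that uses the `LogLevel VERBOSE` lines quoted in the message to attribute each accepted public-key login to a key fingerprint, joining the lines by sshd PID. The `KNOWN_KEYS` inventory, its owner label and the function name are assumptions made for illustration; a login with no preceding fingerprint line, as in the protocol 1 case described above, is reported with the fingerprint unset.

```python
import re

# Log lines as quoted in the message above (sshd at LogLevel VERBOSE).
SAMPLE_LOG = """\
Jan  3 18:38:33 arborlon sshd[15224]: Connection from ::ffff:127.0.0.1 port 46983
Jan  3 18:38:34 arborlon sshd[15224]: Failed none for cjwatson from ::ffff:127.0.0.1 port 46983 ssh2
Jan  3 18:38:34 arborlon sshd[15224]: Found matching DSA key: 18:07:5f:c7:85:37:e5:bd:45:e5:0f:80:5e:7b:13:96
Jan  3 18:38:34 arborlon sshd[15224]: Found matching DSA key: 18:07:5f:c7:85:37:e5:bd:45:e5:0f:80:5e:7b:13:96
Jan  3 18:38:34 arborlon sshd[15224]: Accepted publickey for cjwatson from ::ffff:127.0.0.1 port 46983 ssh2
"""

# Hypothetical inventory: fingerprint -> owner label (the label is constructed).
KNOWN_KEYS = {"18:07:5f:c7:85:37:e5:bd:45:e5:0f:80:5e:7b:13:96": "example-owner"}

LINE = re.compile(r"sshd\[(\d+)\]: (.*)$")
FOUND = re.compile(r"Found matching (\S+) key: ([0-9a-f:]+)")
ACCEPTED = re.compile(r"Accepted publickey for (\S+) from (\S+) port (\d+)")

def attribute_logins(log_text, known_keys=KNOWN_KEYS):
    """Join each accepted publickey login to the fingerprint that the same
    sshd process (matched by PID) logged just before it."""
    last_key = {}  # pid -> (key type, fingerprint)
    logins = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        found = FOUND.match(msg)
        if found:
            last_key[pid] = found.groups()  # duplicate lines just overwrite
            continue
        acc = ACCEPTED.match(msg)
        if acc:
            # No fingerprint line (e.g. the protocol 1 case above): report None.
            key_type, fp = last_key.pop(pid, (None, None))
            user, addr, port = acc.groups()
            logins.append({"pid": pid, "user": user, "addr": addr,
                           "port": int(port), "key_type": key_type,
                           "fingerprint": fp,
                           "owner": known_keys.get(fp, "unknown")})
    return logins

if __name__ == "__main__":
    for login in attribute_logins(SAMPLE_LOG):
        print(login)
```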



Merged 75043 111598. Request was from Colin Watson <cjwatson@debian.org> to control@bugs.debian.org.


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 16 Oct 2011 07:34:37 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Mar 25 17:59:55 2023; Machine Name: bembo
