[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-user
Subject: Re: ssh key used for login
From: echo test <echotest09 () gmail ! com>
Date: 2020-08-08 14:40:16
Message-ID: CABqZHpAUCT+tBkvqY52=ArMgKFJizLQP6B8hOFW7OkUKv1_dmg () mail ! gmail ! com
[Download RAW message or body]
If what you use is a certificate based authentication, you can add user
identity to the certificate with -I .
Any auth attempt will make that identity logged automatically. Then you
just have to get it from syslogs.
Le sam. 8 août 2020 à 02:26, Kushal Kumaran <kushal@locationd.net> a écrit :
> Rainer Dorsch <ml@bokomoko.de> writes:
>
> > Hi,
> >
> > can anybody tell if there is a way to find out the ssh key (out of the
> ones
> > listed in authorized keys) was used for login to the current session?
> >
>
> See the environment="NAME=value" part in the authorized_keys(5) manpage.
> You can have each entry in authorized_keys set a different value for
> some variable you pick.
>
> You may also be able to use command="command" creatively. This is what
> gitolite does: https://gitolite.com/gitolite/glssh
>
> --
> regards,
> kushal
>
>
[Attachment #3 (text/html)]
<div dir="auto"><div dir="auto"><br></div><div dir="auto">If what you use is a \
certificate based authentication, you can add user identity to the certificate with \
-I .</div><div dir="auto">Any auth attempt will make that identity logged \
automatically. Then you just have to get it from syslogs.</div><div \
dir="auto"><br></div><div dir="auto"><br></div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">Le sam. 8 août 2020 à 02:26, \
Kushal Kumaran <<a href="mailto:kushal@locationd.net">kushal@locationd.net</a>> \
a écrit :<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex">Rainer Dorsch <<a \
href="mailto:ml@bokomoko.de" target="_blank" rel="noreferrer">ml@bokomoko.de</a>> \
writes:<br> <br>
> Hi,<br>
><br>
> can anybody tell if there is a way to find out the ssh key (out of the ones <br>
> listed in authorized keys) was used for login to the current session?<br>
><br>
<br>
See the environment="NAME=value" part in the authorized_keys(5) \
manpage.<br> You can have each entry in authorized_keys set a different value for<br>
some variable you pick.<br>
<br>
You may also be able to use command="command" creatively. This is \
what<br> gitolite does: <a href="https://gitolite.com/gitolite/glssh" rel="noreferrer \
noreferrer" target="_blank">https://gitolite.com/gitolite/glssh</a><br> <br>
-- <br>
regards,<br>
kushal<br>
<br>
</blockquote></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic