14

Is this possible to customize auth.log about which key was used?

view full story
linux-howto

http://unix.stackexchange.com – I use a classical pair of private/public key in order to connect into servers. For now, we have one dedicated account, let's say foo, which is used by multiple users, each with their own pairs of public/private keys. I am looking for a way to log which user authenticated on this foo account. For now, I manage to found that if I raise LogLevel to VERBOSE in /etc/ssh/sshd_config, ssh log the *fingerprint of the public key in /var/log/auth.log. It looks like this : Apr 2 18:33:15 xxx-yy sshd[32064]: Connection from A.B.C.D port 43286 Apr 2 18:33:15 xxx-yy sshd[32064]: Found matching RSA (HowTos)