On Fri, 2 Mar 2012, Mike Mestnik <[email protected]> wrote:
> > I'd like to have OpenSSH log the email address field from a key that was
> > used for login so I could see something like "ssh key
> > [email protected] was used to login to account rjc" in my logs.
> >
> From what I know that information (the comment on the key) is not very
> secure, Joe could put Bob as his comment...
>
> However one could do a look-up on the key from a key-server and get the
> email address that way. This is assuming that ppl are using their
> gpg(email) keys for ssh.

As the person who edits ~/.ssh/authorized_keys can put whatever they like in
that field, the value isn't great globally. But in the scope of the one
account it matters.

For example, if your account was compromised via an ssh authentication and you
had three public keys listed, it would be really convenient to know which of
the three was used. While the second hostile login couldn't have any useful
logging data if my suggestion was followed, the first would.

--
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/
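
Added example, not part of the original message or of OpenSSH: one way to answer "which of the three keys was used" after the fact, by matching the key fingerprint in an sshd "Accepted publickey" line against the comment fields in authorized_keys. It assumes the SHA256 fingerprint log format of current OpenSSH releases; the key blobs, addresses and log lines are constructed, and `attribute_logins` and its helpers are hypothetical names.

```python
import base64
import hashlib
import re

# Key type, base64 blob, optional comment; leading options (from="...") are skipped.
KEY_RE = re.compile(r'(?:^|\s)((?:ssh|ecdsa|sk)-[\w@.-]+)\s+([A-Za-z0-9+/]+=*)(?:\s+(.*))?$')
LOG_RE = re.compile(r'Accepted publickey for (\S+) from (\S+) port \d+ ssh2: \S+ (SHA256:\S+)')

def fingerprint(blob_b64):
    """SHA256 fingerprint as sshd prints it: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def key_comments(authorized_keys_text):
    """Map fingerprint -> comment field for every key line in the file."""
    table = {}
    for line in authorized_keys_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        if m:
            table[fingerprint(m.group(2))] = m.group(3) or "(no comment)"
    return table

def attribute_logins(authorized_keys_text, log_lines, user):
    """Return (source address, key comment or None) for each key login of user."""
    table = key_comments(authorized_keys_text)
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if m and m.group(1) == user:
            # None: the key is not in the file as it is now (removed or replaced)
            hits.append((m.group(2), table.get(m.group(3))))
    return hits

def _blob(seed):
    # Constructed stand-in for a public key blob; not a real key.
    return base64.b64encode(seed.encode()).decode()

SAMPLE_KEYS = "\n".join([
    "# constructed authorized_keys for account rjc",
    "ssh-ed25519 %s laptop@example.org" % _blob("key-one"),
    'from="192.0.2.*",no-pty ssh-rsa %s backup@example.org' % _blob("key-two"),
])
SAMPLE_LOG = [  # constructed log lines
    "Mar  2 10:00:01 host sshd[811]: Accepted publickey for rjc from 192.0.2.7 port 50522 ssh2: RSA " + fingerprint(_blob("key-two")),
    "Mar  2 10:05:09 host sshd[902]: Accepted publickey for rjc from 198.51.100.9 port 40000 ssh2: ED25519 " + fingerprint(_blob("key-gone")),
    "Mar  2 10:06:00 host sshd[915]: Accepted password for rjc from 203.0.113.4 port 41000 ssh2",
]

if __name__ == "__main__":
    for src, comment in attribute_logins(SAMPLE_KEYS, SAMPLE_LOG, "rjc"):
        print(src, comment or "key not in current authorized_keys")
```

A `None` result is the case raised above: the comment is only as trustworthy as the current contents of the file, so a fingerprint that no longer matches any listed key is itself worth investigating.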

