SSH: Difference between revisions

From Anthony Pastor Wiki Notes - Verba volant, scripta manent
Jump to navigation Jump to search
No edit summary
No edit summary
Line 5: Line 5:


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
LogLevel VERBOSE
LogLevel VERBOSE
</syntaxhighlight>


 
/etc/init.d/ssh restart
<syntaxhighlight lang="bash">
/etc/init.d/ssh restart
</syntaxhighlight>
</syntaxhighlight>


Line 18: Line 15:


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
<nowiki>
while read l; do
while read l; do
   [[ -n $l && ${l###} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l;
   [[ -n $l && ${l###} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l;
done < /root/.ssh/authorized_keys
done < /root/.ssh/authorized_keys
</nowiki>
</syntaxhighlight>
</syntaxhighlight>

Revision as of 01:34, 5 December 2015

Display key fingerprints informations in /var/log/auth.log

If you have multiple users connecting to a single SSH account (ie: root) and you want to identify clearly who's connecting:

Ensure this value in /etc/ssh/sshd_config:

LogLevel VERBOSE

/etc/init.d/ssh restart

Everytime a new SSH connexion is completed you could list the fingerprint used: tail -f /var/log/auth.log

To identify a fingerprint's owner by listing all entries in /root/.ssh/authorized_keys

while read l; do
  [[ -n $l && ${l###} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l;
done < /root/.ssh/authorized_keys