On Wed, 2018-11-14 at 11:59 +1030, David Newall wrote:
> Hello all,
>
> Some while ago I developed a small patch for sshd, for internal
> consumption, so that, when a client uses a private key, the
> corresponding public key is exported in the environment. I use it to
> identify which of a multitude of devices is logged in to a shared
> account, but I'm sure there are many uses to which it could be put.
> Now, I wonder whether there already was a way of achieving the same
> result. I need to be able to identify previously unseen devices, so I
> cannot just store the public key (c.f. authorized_keys) before use.
>
> If this patch does indeed provide a new function (could not otherwise
> achieve the desired outcome), is it something which would be welcomed
> for inclusion in the official source? I've attached the patch so that
> you can see what's involved.

Hello,

If I am right, something like this was solved a few releases back
(OpenSSH 7.6) based on bug #2408 [1], which handles this in a more
general manner (expose information about all authentication methods
that succeeded). A brief description can be found in the manual page of
sshd_config under the ExposeAuthInfo option. Most of the source code
can be found here [2].

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2408
[2] https://anongit.mindrot.org/openssh.git/commit/?id=8f574959

Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
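An added example, not part of the original message or of OpenSSH: with `ExposeAuthInfo yes` set in sshd_config, a session script can read the file named by the `SSH_USER_AUTH` environment variable and fingerprint the key that logged in to the shared account. It assumes each line has the form `<method> [<keytype> <base64 key>]`; the function names and the sample key are constructed for illustration.

```python
import base64, binascii, hashlib, os, struct

def _blob_key_type(blob):
    """Read the length-prefixed key type name at the start of an SSH key blob."""
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad key type length")
    return blob[4:4 + n].decode("ascii")

def parse_auth_info(text):
    """Return [(method, key_type, fingerprint)]; key fields are None for non-key methods."""
    out = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] != "publickey" or len(fields) < 3:
            out.append((fields[0], None, None))
            continue
        key_type, b64 = fields[1], fields[2]
        try:
            blob = base64.b64decode(b64, validate=True)
        except binascii.Error as exc:
            raise ValueError("key is not valid base64") from exc
        # The type named on the line must agree with the type inside the blob.
        if _blob_key_type(blob) != key_type:
            raise ValueError("key type does not match key blob")
        # Same form as `ssh-keygen -l`: unpadded base64 of SHA-256 over the blob.
        digest = hashlib.sha256(blob).digest()
        fp = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
        out.append((fields[0], key_type, fp))
    return out

def _sample_key_line():
    # Constructed sample: an ssh-ed25519 blob whose 32 key bytes are 0..31.
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(range(32))
    return "publickey ssh-ed25519 " + base64.b64encode(blob).decode()

SAMPLE = _sample_key_line() + "\npassword\n"  # constructed two-method session

if __name__ == "__main__":
    path = os.environ.get("SSH_USER_AUTH")  # set by sshd when ExposeAuthInfo is on
    text = open(path).read() if path else SAMPLE
    for method, key_type, fp in parse_auth_info(text):
        print(method, key_type or "-", fp or "-")
```
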