Re: Identify multiple users doing reverse port FWD with their pubkeys

> When I connect to the server, I would like to know which pubkey has
> opened which reverse port.

See the man page of authorized_keys, and specifically the
"environment" there:

    environment="ID=user1" ssh-rsa ...

Also I guess you'd use "command=", and perhaps "restrict" or so.


> The auth happens when the device opens the SSH connection, and if your
> logging verbosity is high enough, the pubkey's fingerprint will be
> written to the log. If you really need to identify *the pubkey*, you'll
> have to grab the PID of the sshd process holding the reverse port (can
> be gleaned from the output of "{netstat,ss} -natp") and then search
> through the logs for the lines of when it got started.

An unprivileged user can't see filehandles of other users.
And grepping through logs isn't allowed for normal users as well -
especially not the authentication logs...


> Whereas the *IP* of the device in question can be read on demand from
> the same netstat/ss output, just look for the incoming SSH connection
> held by the same PID ...

No. Just no. ;)
Look at $SSH_CLIENT and/or $SSH_CONNECTION for that kind of information.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
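
The authorized_keys approach suggested above (environment=, command=, restrict, then reading $SSH_CONNECTION), sketched as a forced-command script; this is an added example, not code from the thread or from OpenSSH. It goes one step further by using permitlisten= to pin each key to one reverse port. The script path, the --session flag, the log tag and the sample key line are assumptions.

```shell
#!/bin/sh
# Forced command for tunnel-only keys. Constructed authorized_keys entry (one line):
#   restrict,port-forwarding,permitlisten="localhost:2201",environment="ID=user1",command="/usr/local/bin/tunnel-id --session" ssh-rsa AAAA...
# Assumptions: sshd_config has "PermitUserEnvironment yes" (environment= is
# ignored otherwise); the path, the --session flag and the log tag are made up.
# permitlisten pins each key to one reverse port, so ID also identifies the port.

# tunnel_record ID SSH_CONNECTION SSHD_PID -> one log line on stdout.
# Runs in a subshell so "set -f" and the positional parameters stay local.
tunnel_record() (
    id=$1; conn=$2; pid=$3
    # ID ends up in a log: accept only a conservative character set.
    case $id in
        ''|*[!A-Za-z0-9_.-]*) id=unknown ;;
    esac
    set -f            # no globbing while splitting SSH_CONNECTION
    set -- $conn      # "client_ip client_port server_ip server_port"
    if [ $# -ne 4 ]; then
        printf 'id=%s client_ip=unknown sshd_pid=%s\n' "$id" "$pid"
        return 1
    fi
    printf 'id=%s client_ip=%s client_port=%s server_ip=%s server_port=%s sshd_pid=%s\n' \
        "$id" "$1" "$2" "$3" "$4" "$pid"
)

if [ "${1:-}" = "--session" ]; then
    # $PPID is the sshd process that started this command.
    logger -t tunnel-id "$(tunnel_record "${ID:-}" "${SSH_CONNECTION:-}" "$PPID")"
    # Keep the session (and with it the forwarding) open until the client leaves.
    while :; do sleep 3600; done
fi
```

A forced command only runs when the client requests a session, so devices connecting with `ssh -N -R ...` never trigger it and leave no log line.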


