On 23/06/2020 16:11, Alejandro Dabin wrote:
As a side note, more information about the certificate (issue and expiration time) could be useful for auditing. It would be useful too if the server could log it (aside from CA, certificate serial, etc), but couldn't find any option either.
AuthorizedPrincipalsCommand can use a number of tokens which are expanded: %% A literal `%'. %F The fingerprint of the CA key. %f The fingerprint of the key or certificate. %h The home directory of the user. %i The key ID in the certificate. %K The base64-encoded CA key. %k The base64-encoded key or certificate for authentication. %s The serial number of the certificate. %T The type of the CA key. %t The key or certificate type. %U The numeric user ID of the target user. %u The username. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
