d_asselin
asked on
security
Hi All!
Here is the question. Mostly I’m looking for a idea on
How I could track the usage of SSH private/public keys.
What I’m looking for is there a way to detect if a user logd’in
To a server from a remote server using keys with no password
on a UNIX server (Solaris xx)
Dan
Here is the question. Mostly I’m looking for a idea on
How I could track the usage of SSH private/public keys.
What I’m looking for is there a way to detect if a user logd’in
To a server from a remote server using keys with no password
on a UNIX server (Solaris xx)
Dan
ASKER
No not what I’m looking for. I’m not even sure that what I’m looking for
Exists
To be more precise a user connecting to a remote server using public/private keys
Is not prompted for a password. What I’m looking for, is there a way to track such
A access to a sever
Exists
To be more precise a user connecting to a remote server using public/private keys
Is not prompted for a password. What I’m looking for, is there a way to track such
A access to a sever
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you all
It was my impression that it was not possible you just confirmed it.
This issue is closed. I just needed a second opinion on the subject in cases
Someone had a idea or a possibility that could be explored
Again thank you all for the inputs
Dan
It was my impression that it was not possible you just confirmed it.
This issue is closed. I just needed a second opinion on the subject in cases
Someone had a idea or a possibility that could be explored
Again thank you all for the inputs
Dan
If what you are looking for is whether a user logged on using public-key or password the ssh log should show you that:
May 17 09:03:17 server sshd[27637]: Accepted publickey for user from 100.0.0.100 port 59057 ssh2May 17 09:03:17 server sshd[27637]: pam_unix(sshd:session): session opened for user user by (uid=0)May 17 12:39:23 server sshd[30250]: Accepted password for user from 200.175.33.3 port 59110 ssh2May 17 12:39:24 server sshd[30250]: pam_unix(sshd:session): session opened for user user by (uid=0)
Cheers,
K.