
How to log public key of ssh client to ssh server?

Balbir Singh asked:
We know that in private/public key authentication the ssh client sends its public key to the ssh server. I would like to know if there is a way we can log the public key of the client in the ssh log file. Or is there a way to achieve it? Any direction in this would be highly appreciated.

Best Regards.

Edit the sshd_config file LogLevel directive to VERBOSE:

LogLevel VERBOSE

man sshd_config

...
  LogLevel
             Gives the verbosity level that is used when logging messages from
             sshd(8).  The possible values are: QUIET, FATAL, ERROR, INFO,
             VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.  The default is INFO.
             DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
             higher levels of debugging output.  Logging with a DEBUG level
             violates the privacy of users and is not recommended.

...
I second the above solution: it will work, but it will produce lots of log lines.

An alternative can be to validate the key using AuthorizedKeysCommand in sshd_config and log the key within the command. I used to track system access and centralize ssh keys like this some time ago on platforms on which everybody logs on as root, so tracing is otherwise difficult.
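
The AuthorizedKeysCommand approach from the answer above, as an added example that is not part of the original thread. The script path, the KEYS_DIR key store, the LOG_FILE variable and the function names are assumptions; %u, %t, %f and %k are the sshd_config tokens for user name, key type, fingerprint and base64-encoded key.

```shell
#!/bin/sh
# Hypothetical helper, e.g. installed as /usr/local/sbin/ssh-keylog (root-owned,
# not group/world-writable). Assumed sshd_config wiring:
#   AuthorizedKeysCommand /usr/local/sbin/ssh-keylog %u %t %f %k
#   AuthorizedKeysCommandUser nobody
# sshd runs the command for each key a client offers, before the client has
# proven possession of the private key, so these lines record offered keys.

KEYS_DIR="${KEYS_DIR:-/etc/ssh/authorized_keys.d}"   # assumed central key store
LOG_FILE="${LOG_FILE:-}"                             # empty: log through syslog

keylog_write() {
    if [ -n "$LOG_FILE" ]; then
        printf '%s\n' "$1" >> "$LOG_FILE"
    else
        logger -t ssh-keylog -p auth.info "$1"
    fi
}

# usage: keylog_authorize USER KEYTYPE FINGERPRINT BASE64KEY
keylog_authorize() {
    user=$1 ktype=$2 fp=$3 key=$4

    # Reject anything that could escape KEYS_DIR or inject into the log line.
    case $user in ''|*[!A-Za-z0-9._-]*|.*) return 1 ;; esac
    case $ktype in ''|*[!A-Za-z0-9@._-]*) return 1 ;; esac
    case $fp in ''|*[!A-Za-z0-9:+/=]*) return 1 ;; esac
    case $key in ''|*[!A-Za-z0-9+/=]*) return 1 ;; esac

    keyfile="$KEYS_DIR/$user"
    match=""
    if [ -r "$keyfile" ]; then
        # Exact match on adjacent "type key" fields; options and comment are kept.
        match=$(awk -v t="$ktype" -v k="$key" \
            '{ for (i = 1; i < NF; i++) if ($i == t && $(i+1) == k) { print; next } }' "$keyfile")
    fi

    if [ -n "$match" ]; then
        keylog_write "offered key listed user=$user type=$ktype fp=$fp key=$key"
        printf '%s\n' "$match"      # sshd reads authorized_keys lines on stdout
    else
        keylog_write "offered key unknown user=$user type=$ktype fp=$fp key=$key"
    fi
    return 0
}

# Run as the AuthorizedKeysCommand only when called with the four tokens.
if [ "$#" -eq 4 ]; then keylog_authorize "$@"; fi
```
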
David Favor, Fractional CTO
Distinguished Expert 2019

Commented:
You said, "I would like to know if there is way we can log the public key of the client in ssh log file."

As said above, you can log everything (serialband) + this will produce a lot of log data (skullnobrains).

Maybe ask the question behind your question.

In other words, describe what problem you're trying to solve using logging.