by Devin Yang
(This article was automatically translated.)

Published - 2 years ago ( Updated - 2 years ago )

After OpenSSH 7.6, you can use Add to the configuration file of sshd_config
ExposeAuhtInfo yes parameters, restart sshd, and then log in,
There will be an environment variable $SSH_USER_AUTH
This function will be written into a temporary file in tmp, the file contains the login public key

as shown below:

dlaravel@654c1c7fca4b:~$ env| grep SSH
SSH_USER_AUTH=/tmp/sshauth.vWH6DS7R8VSTwrx
SSH_CONNECTION=192.168.88.244 52377 172.29.0.3 22
SSH_CLIENT=192.168.88.244 52377 22
SSH_TTY=/dev/pts/0

You can cat variables to see

cat $SSH_USER_AUTH
publickey ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKdlWExfqzI8Yo2WxisQIGizaOx9hYKfnstSsyg6T+1

Some people may ask, what can this do, when a bunch of people log in to the same account on the remote host,
For me, From the temporary file, I can know who used which OpenSSH public key to log in to the host.

dlaravel@7661c008b271:/tmp$ ls -lh sshauth.*
-rw------- 1 dlaravel dlaravel 91 Dec 10 12:16 sshauth.qKAzxWvnbGmaT01
-rw------- 1 dlaravel dlaravel 91 December 10 12:16 sshauth.Qvxh5tjKX6z0ZvW


Schematic diagram, for example, who and whom are the two logins below , you can see it with the temporary file.

dlaravel@7661c008b271:/tmp$ w
 12:27:49 up 44 days, 3:48, 2 users, load average: 0.11, 0.07, 0.01
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
dlaravel pts/0 192.168.88.244 12:16 1.00s 0.01s 0.00s w
dlaravel pts/2 192.168.88.86 12:27 7.00s 0.00s 0.00s -bash

Tags: ssh security config

Devin Yang

Feel free to ask me, if you don't get it.:)

No Comment

Post your comment

Login is required to leave comments

Similar Stories


docker, goaccess, config

phpenv actual combat GoAccess is real website analysis (docker version)

Before I start, let me say that GoAccess can also generate static data as long as you have a log, because I think the real-time feeling is more dazzling, so this article will focus on the part of GoAccess real-time display. Although Google Analytics (GA) is very useful, it is also very good to try another GA. For example, you want to know which browsers website users use to visit the website.

laravel,Laravel security

Lock IP in Laravel debug mode

Laravel's debugging mode is quite rich. Laravel's official website has a reminder that you can set APP_DEBUG to true for local development, but in the production environment, this value must always be False.

sshd

How to restart the sshd service of sysnology on the command line

Restart the sshd service of the Synology Nas from the command line