HPE Community
Operating System - HP-UX
1840209 Members
2762 Online
110162 Solutions
New Discussion

Re: LogLevel with HP-UX Secure Shell

 
Sauter Marc
New Member

‎05-26-2004 08:32 AM

‎05-26-2004 08:32 AM

LogLevel with HP-UX Secure Shell

I need to know which public key in .ssh/authrized_keys was used by sshd to authenticate the user.
I tried to set the LogLevel parameter in /opt/ssh/etc/sshd_config to DEBUG, DEBUG1, DEBUG2 and DEBUG3. I got an entry in syslog.log with the fingerprint of the public key file used for authentication. There's no difference between the different DEBUG-Levels - the entry in syslog.log didn't change with the different DEBUG-Levels. I'm using HP-UX Secure Shell A.03.71.000.
0 Kudos
Reply
2 REPLIES 2
Sridhar Bhaskarla
Honored Contributor

‎05-26-2004 09:02 AM

‎05-26-2004 09:02 AM

Re: LogLevel with HP-UX Secure Shell

Hi,

I don't know if any of the DEBUG level is going to print that information. One thing you could do is to run sshd with -d option. You can leave the existing sshd running and start the new one on a new port. For ex.,

#sshd -d -p 244

From the other system, connect to this system through port 244.

$ssh hostA -p 244

You should see debugging messages on hostA's sshd session. Once the client connection is terminated, sshd will be shutdown on hostA.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Andrew Cowan
Honored Contributor

‎05-27-2004 07:30 AM

‎05-27-2004 07:30 AM

Re: LogLevel with HP-UX Secure Shell

There's no difference between the log-level of debug1/2/3. The idea is that you can separate debug info by application, otherwise there's so much data, you can't see the wood for the trees.

A word of caution, using SSH with the debug option will trap all user's but also their passwords. This kind of monitoring can cause privacy issues, and could also be in breach of the UK Human Rights, and Data Protection laws.
Obviously you'll need to look at the laws that cover your locality.

To find out which keys are being exchanged simply restart your daemon in debug mode "sshd -D" and/or run "ssh -vv". You see the negotiation in real-time, and this includes the files that it accesses.

Good luck,
Andrew
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.