sshd: logging client's public key

git ssh ssh-keys public-key

Solution 1:

If you need the public key for whitelisting, you cannot pick it from failed attempt. It is not about sshd or its configuration at all, but the protocol itself, as public key authentication goes this way:

  1. Client sends an ID for the key pair.
  2. Server compares the ID to the authorized_keys file.
  3. Server generates a random number and uses the matching public key to encrypt it.
  4. Server sends it to the client.
  5. Client decrypts it, combines it with shared session key and sends back MD5 of this.
  6. Server calculates the same checksum on its own and compares them together.

In failed attempts this stops on step 2 preventing everything further happen. Nevertheless, the whole public key is never sent to the server, just the ID.

One does not simply log something he doesn't even know.

Related

In what conditions are local files seen or written by an App-V application?
ISC DHCPD class is not assigned
Fail2Ban Not Banning on CentOS 7 with SELinux
How do I purge dhcpd.leases? [duplicate]
Windows: change own password of standard user by using commandline
How can I correct my foreach loop in powershell for every Active Directory OU user?
ID Best Practices for Databases [closed]
How to set the "value" and "for" attribute using Object.assign
How can I define a check constraint on a string length (Django)
How do I set the default size of a textarea separately from the minimum size?
MySQL FullText Search with Sequelize
VBA Macro that splits data based of cell value ; and warp text