SSH FingerprintLogging: Difference between revisions
From Lolly's Wiki
Jump to navigationJump to search
(One intermediate revision by the same user not shown) | |||
Line 6: | Line 6: | ||
==Add magic to your .bashrc== | ==Add magic to your .bashrc== | ||
* ~/.bashrc | * ~/.bashrc | ||
Not fully working... wait... | |||
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
... | ... | ||
FINGERPRINT=$(ssh_client_array=( ${SSH_CLIENT} ); journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}') | FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; } ) | ||
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}} | |||
... | |||
</syntaxhighlight> | |||
or | |||
<syntaxhighlight lang=bash> | |||
... | |||
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; }) | |||
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}} | export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}} | ||
... | ... | ||
</syntaxhighlight> | </syntaxhighlight> |
Latest revision as of 11:57, 6 June 2024
SSH Fingerprintlogging
Why logging fingerprints?
It is just for the possibility of setting the Bash HISTFILE per logged in user.
Add magic to your .bashrc
- ~/.bashrc
Not fully working... wait...
...
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; } )
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...
or
...
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; })
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...