SSH FingerprintLogging: Difference between revisions

From Lolly's Wiki
Jump to navigationJump to search
 
(One intermediate revision by the same user not shown)
Line 6: Line 6:
==Add magic to your .bashrc==
==Add magic to your .bashrc==
* ~/.bashrc
* ~/.bashrc
Not fully working... wait...
<syntaxhighlight lang=bash>
<syntaxhighlight lang=bash>
...
...
FINGERPRINT=$(ssh_client_array=( ${SSH_CLIENT} ); journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}')
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; } )
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...
</syntaxhighlight>
 
or
 
<syntaxhighlight lang=bash>
...
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; })
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...
...
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 11:57, 6 June 2024

SSH Fingerprintlogging

Why logging fingerprints?

It is just for the possibility of setting the Bash HISTFILE per logged in user.

Add magic to your .bashrc

  • ~/.bashrc

Not fully working... wait...

...
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; } )
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...

or

...
FINGERPRINT=$([ -z "${SSH_CLIENT}" ] || { ssh_client_array=( ${SSH_CLIENT} ); [ -z "${SSH_CLIENT}" ] || journalctl --lines=100 --grep "${ssh_client_array[0]} port ${ssh_client_array[1]}" --no-pager --quiet --unit=ssh.service | awk 'END{print $NF}' ; })
export HISTFILE=~/.bash_history_${FINGERPRINT:-${SUDO_USER:-default}}
...