I have realised that I had two keys in my VPS and I wasn’t sure which one it was used when I was ssh-ing so I had to search a bit to find out.<\/p>\n\n\n\n
These two links cover the process:<\/p>\n\n\n\n
https:\/\/unix.stackexchange.com\/questions\/15575\/can-i-find-out-which-ssh-key-was-used-to-access-an-account<\/a><\/p>\n\n\n\n https:\/\/unix.stackexchange.com\/questions\/147295\/how-can-i-determine-which-ssh-keyfile-was-used-to-authenticate-a-login<\/a><\/p>\n\n\n\n 1- You need to increase the logging of your sshd (destination – server)<\/p>\n\n\n\n 2- From client, just ssh as usual to the server and check auth.log<\/em> as per above<\/p>\n\n\n\n 3- So we have the fingertip of the key used by client. Now we need to get the fingertips of our clients keys to find the match:<\/p>\n\n\n\n 4- So the we can see that I am using my id_ed25519.pub<\/em> key to connect to the server<\/p>\n","protected":false},"excerpt":{"rendered":" I have realised that I had two keys in my VPS and I wasn’t sure which one it was used when I was ssh-ing so I had to search a bit to find out. These two links cover the process: https:\/\/unix.stackexchange.com\/questions\/15575\/can-i-find-out-which-ssh-key-was-used-to-access-an-account https:\/\/unix.stackexchange.com\/questions\/147295\/how-can-i-determine-which-ssh-keyfile-was-used-to-authenticate-a-login 1- You need to increase the logging of your sshd (destination – server) … Continue reading “Which SSH keyfile was used to authenticate a login?”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,4],"tags":[],"class_list":["post-237","post","type-post","status-publish","format-standard","hentry","category-unix","category-security"],"_links":{"self":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/237","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/comments?post=237"}],"version-history":[{"count":1,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/237\/revisions"}],"predecessor-version":[{"id":238,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/237\/revisions\/238"}],"wp:attachment":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/media?parent=237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/categories?post=237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/tags?post=237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}server# vim \/etc\/ssh\/sshd_config\nLogLevel VERBOSE\nserver# service sshd restart\nserver# tail -f \/var\/log\/auth.log<\/pre>\n\n\n\n
Jul 3 14:17:55 server sshd[8600]: Connection from IPV6 port 57628 on IPV6::453 port 64022\nJul 3 14:17:55 server sshd[8600]: Postponed publickey for client from IPv6 port 57628 ssh2 [preauth]\nJul 3 14:17:55 server sshd[8600]: Accepted publickey for client from IPv6 port 57628 ssh2: ED25519 SHA256:BtOAX9eVpFJJgJ5HzjKU8E973m+MX+3gDxsm7eT\/iEQ\nJul 3 14:17:55 server sshd[8600]: pam_unix(sshd:session): session opened for user client by (uid=0)\nJul 3 14:17:55 server sshd[8600]: User child is on pid 8606\nJul 3 14:17:55 server sshd[8606]: Starting session: shell on pts\/7 for client from IPv6 port 57628 id 0<\/pre>\n\n\n\n
client $ ssh-keygen -l -f ~\/.ssh\/id_ed25519.pub\n256 SHA256:BtOAX9eVpFJJgJ5HzjKU8E973m+MX+3gDxsm7eT\/iEQ client@local (ED25519)<\/pre>\n\n\n\n