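Identifying the user behind an SSH public key by its SHA256 fingerprint

Requirement

The jump host needs to log which user logged in.

Implementation

/var/log/auth.log contains user authentication entries such as the following: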

Accepted publickey for jump from XXX.XXX.XX.XXX port XXXXX ssh2: RSA SHA256:pO8i...

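The SHA256 value in that entry is the fingerprint of the public key that was used to log in, so it can be used to identify the user: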

$ ssh-keygen -lf ~/.ssh/authorized_keys
256  SHA256:xxxx... user1 (ED25519)
2048 SHA256:pO8i... user2 (RSA)

How the fingerprint is computed

cat .ssh/id_rsa.pub    |
    awk '{ print $2 }' | # Only the actual key data without prefix or comments
    base64 -d          | # decode as base64
    sha256sum          | # SHA256 hash (returns hex)
    awk '{ print $1 }' | # only the hex data
    xxd -r -p          | # hex to bytes
    base64             | # encode as base64
    tr -d '='            # strip the '=' padding so the result matches the sshd log entry
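
The same computation applied to the logging requirement, as an added example that is not part of the original post: it fingerprints every entry of an authorized_keys file and resolves each "Accepted publickey" line to the key's comment. The key blobs, IP addresses and sshd process IDs are constructed sample data, and the function names are this example's own.

```python
import base64
import hashlib
import re

def fingerprint(blob: bytes) -> str:
    """Unpadded base64 of SHA256 over the decoded key blob, as sshd logs it."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

# Key type, base64 blob, optional comment; leading options (from=..., command=...) are skipped.
KEY_RE = re.compile(r"(?:^|\s)((?:ssh|ecdsa-sha2|sk)-\S+)\s+([A-Za-z0-9+/=]+)(?:\s+(.*))?$")
LOG_RE = re.compile(r"Accepted publickey for (\S+) from (\S+) port \d+ ssh2: \S+ (SHA256:\S+)")

def load_keys(authorized_keys: str) -> dict:
    """Map fingerprint -> comment. The comment is free text set by whoever edits the file."""
    owners = {}
    for line in authorized_keys.splitlines():
        m = None if line.lstrip().startswith("#") else KEY_RE.search(line.strip())
        if m:
            owners[fingerprint(base64.b64decode(m.group(2)))] = m.group(3) or "(no comment)"
    return owners

def resolve(auth_log: str, owners: dict) -> list:
    """Return (account, source, key owner) for every accepted public-key login."""
    return [(m.group(1), m.group(2), owners.get(m.group(3), "UNKNOWN KEY"))
            for m in LOG_RE.finditer(auth_log)]

# Constructed sample data: the blobs are placeholder bytes, not real SSH keys.
BLOB1, BLOB2 = b"constructed-blob-user1", b"constructed-blob-user2"
SAMPLE_KEYS = "\n".join([
    "# team keys for the shared jump account",
    "ssh-ed25519 %s user1" % base64.b64encode(BLOB1).decode(),
    'from="192.0.2.0/24" ssh-rsa %s user2' % base64.b64encode(BLOB2).decode(),
])
SAMPLE_LOG = "\n".join([
    "sshd[101]: Accepted publickey for jump from 192.0.2.10 port 50022 ssh2: RSA %s" % fingerprint(BLOB2),
    "sshd[102]: Accepted publickey for jump from 198.51.100.7 port 50023 ssh2: ED25519 %s" % fingerprint(BLOB1),
    "sshd[103]: Accepted publickey for jump from 192.0.2.99 port 50024 ssh2: RSA SHA256:%s" % ("A" * 43),
])

if __name__ == "__main__":
    for account, source, owner in resolve(SAMPLE_LOG, load_keys(SAMPLE_KEYS)):
        print(f"{account} <- {owner} from {source}")
```

A login reported as UNKNOWN KEY means the fingerprint is not in the file that was read, for example because the key was removed after the login or was authorized from a different file.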

References

ssh - What is the SHA256 that comes on the sshd entry in auth.log? - Server Fault

Original article: https://www.cnblogs.com/azureology/p/14689775.html