
ssh: improve logging for public key authentication (authorized_keys)



Hello,

I've queried the PR database, but could not find any change-request regarding the 
issue that'll follow (I thought I had suggested it a few years before):

Currently, when authenticating via a public key found in ~/.ssh/authorized_keys,
the syslog message reads like this:

sshd[6155]: Accepted publickey for root from 192.168.0.12 port 50233 ssh2

Now if you imagine that "root" is just a role, and "authorized_keys" does actually 
contain one key for each person who may take the role of root, you might 
understand the wish to log which public key was accepted.

[Note: When logging in via the shared secret (password), it's clear which secret
was used, but it's not for "authorized keys":
       sshd[1782]: Accepted password for root from 132.199.176.215 port 2420 ssh2
]

To be specific, I suggest to replace the phrase "publickey" (shouldn't it be 
"public key" anyway?) with something like "public key 
9d:20:47:83:1e:5e:97:1c:2f:5f:b4:52:5b:b6:15:da" (adding the fingerprint of the 
user's public key). This was inspired by the connection message to some yet 
unknown host:

The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 9d:20:47:83:1e:5e:97:1c:2f:5f:b4:52:5b:b6:15:da.

I assume that a fingerprint from the user's public key can be created inside sshd, 
and that that string with the fingerprint can be passed as `method' to auth_log() 
in auth.c. Unfortunately this enhancement is not quite trivial.

I think that the security is not weakened by adding this change. If in doubt, the 
feature could be controllable by some new configuration variable like 
"LogAuthorizedKeys" or "LogPublicKeys" or "LogKeyFingerprints", or you get the 
idea...

Regards,
Ulrich Windl
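The mapping the message above asks for, as an added example that is not part of the original post and not OpenSSH's own code: compute the fingerprint of each key in an authorized_keys file (the legacy MD5 colon-hex form quoted in the message and, going beyond the message, the SHA256 form that current OpenSSH logs), then look up the fingerprint found in an sshd log line to recover the key's comment field, which is where an operator usually records whose key it is. The key blobs, the authorized_keys text and the log lines are constructed here with toy RSA parameters; the log format "Accepted public key <fingerprint> for ..." is the one the message proposes, and the second accepted format ("... ssh2: RSA SHA256:...") is what modern sshd emits.

```python
"""Added example: fingerprint the keys in an authorized_keys file and attribute
an sshd "Accepted ..." log line to one of them via the fingerprint it carries."""
import base64
import hashlib
import re
import struct


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """SSH mpint for a non-negative integer (leading 0x00 if the top bit is set)."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)


def rsa_public_blob(e: int, n: int) -> bytes:
    """Raw ssh-rsa public key blob: string "ssh-rsa", mpint e, mpint n."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def fingerprint_md5(blob: bytes) -> str:
    """Legacy OpenSSH fingerprint: MD5 over the raw blob, colon-separated hex."""
    hexdigest = hashlib.md5(blob).hexdigest()
    return ":".join(hexdigest[i:i + 2] for i in range(0, 32, 2))


def fingerprint_sha256(blob: bytes) -> str:
    """Modern OpenSSH fingerprint: SHA-256 over the raw blob, base64 without '=' padding."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")


# One authorized_keys line is: [options] key-type base64-blob [comment]. The options
# field may contain quoted spaces, so anchor on the key-type token instead of split().
_KEY_LINE = re.compile(
    r'(?P<type>(?:ssh|ecdsa|sk)-[A-Za-z0-9@.\-]+)\s+(?P<b64>[A-Za-z0-9+/=]+)(?:\s+(?P<comment>.*))?$')


def parse_authorized_keys(text: str):
    """Return a list of (key_type, blob, comment) for every key line in `text`."""
    keys = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = _KEY_LINE.search(line)
        if not m:
            continue
        blob = base64.b64decode(m.group("b64"))
        # The blob's first wire string is the key type; skip lines where it disagrees.
        (length,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + length] != m.group("type").encode():
            continue
        keys.append((m.group("type"), blob, m.group("comment") or ""))
    return keys


# Either fingerprint style as it would appear inside a log line.
_FP_IN_LOG = re.compile(r"(SHA256:[A-Za-z0-9+/]{43}|(?:[0-9a-f]{2}:){15}[0-9a-f]{2})")


def identify_key(log_line: str, authorized_keys_text: str):
    """Find the fingerprint in an sshd log line; return the matching key's comment or None."""
    m = _FP_IN_LOG.search(log_line)
    if not m:
        return None
    index = {}
    for _, blob, comment in parse_authorized_keys(authorized_keys_text):
        index[fingerprint_md5(blob)] = comment
        index[fingerprint_sha256(blob)] = comment
    return index.get(m.group(1))


# Constructed sample data: two toy RSA keys with tiny moduli (not real keys, only
# enough to exercise the parsing and hashing), one of them carrying an options field.
ALICE_BLOB = rsa_public_blob(65537, 0xC0FFEE1234567891)
BOB_BLOB = rsa_public_blob(65537, 0xDEADBEEF0BADF00D)
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# keys allowed to act as root",
    "ssh-rsa " + base64.b64encode(ALICE_BLOB).decode() + " alice@laptop",
    'from="192.168.0.0/24" ssh-rsa ' + base64.b64encode(BOB_BLOB).decode() + " bob@desk",
])
# Constructed log lines: the format proposed in the message, and the modern sshd one.
SAMPLE_LOG_PROPOSED = ("sshd[6155]: Accepted public key " + fingerprint_md5(ALICE_BLOB)
                       + " for root from 192.168.0.12 port 50233 ssh2")
SAMPLE_LOG_MODERN = ("sshd[6156]: Accepted publickey for root from 192.168.0.5 port 4021 ssh2: RSA "
                     + fingerprint_sha256(BOB_BLOB))

if __name__ == "__main__":
    for key_type, blob, comment in parse_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        print(key_type, fingerprint_md5(blob), fingerprint_sha256(blob), comment)
    print("proposed format ->", identify_key(SAMPLE_LOG_PROPOSED, SAMPLE_AUTHORIZED_KEYS))
    print("modern format   ->", identify_key(SAMPLE_LOG_MODERN, SAMPLE_AUTHORIZED_KEYS))
```

The lookup only works if each person's key carries a distinguishing comment (or the operator keeps a separate fingerprint-to-person list), so the logging change the message asks for pays off in proportion to how carefully the authorized_keys file is maintained. Note that a fingerprint covers the whole key blob, so a key that is merely re-uploaded with a different comment keeps the same fingerprint.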
