keyed_bash

.keyed_bash.sh

export HISTFILESIZE=9999999
export HISTSIZE=9999999

PUB_KEY='sed -ne "/sshd.$PPID.:.*matching .SA key/{s/^.* //g;h};\${x;p}" /var/log/secure'
SSH_KEY=`eval $PUB_KEY`
SSH_IP=${SSH_CLIENT%% *}


function match_key(){
# default result
result='unmatched'

while read line
do
    echo $line > /tmp/.key.pub
    key_info=`ssh-keygen -lf /tmp/.key.pub 2>/dev/null`
    if [ -z $? ];then
        continue
    fi
    
    read size key filename <<< $key_info
    #echo $SSH_KEY '<--' $key

    if [ "$key" == "$SSH_KEY" ];then
        read sign pubkey name <<< $line
        if [ -z "$name" ];then
            name='unnamed'
        fi
        result=$name
        break
    fi
    
done < $1

echo $result
rm -f /tmp/.key.pub
}

SSH_KEYNAME=`match_key "$HOME/.ssh/authorized_keys"`
export HISTFILE="$HOME/.history/${SSH_KEY}_${SSH_KEYNAME}.history"
if [ ! -f "$HISTFILE" ];then
  cp $HOME/.bash_history $HISTFILE
fi

echo "# logged in `LANG=en_US.UTF-8 && date` @$SSH_IP" >> $HISTFILE
export HISTTIMEFORMAT='%Y-%m-%d %H:%M '
export ignoredups