If I have an account (eg. operator) with multiple public keys in the
~operator/.ssh/authorized_keys{,2} file, can I determine which key was
used by a given login, which is to say, can I determine who is logging
in as operator when using keys? I was hoping, for instance, that the
comment field in an rsa1 key could be recorded somewhere (such as
/var/log/messages) for each login each time a key is used - then I could
say Jack logged in as operator rather than Jill for instance.

A list moderator has already rejected this same basic question, because
I used the "root" account as an example rather than the "operator"
account, and the moderator's response was that "standard practice is to
never allow remote root logins" [and instead use distinct accounts and
su to generate audit trail]. Yes, that can generate the basis for the
necessary audit trail, but for the specific situation I have at hand, it
is not as convenient as having one account (root or otherwise) with
multiple keys, so I'm asking again:

Is there a way to distinguish which key was used to login to an account
with multiple permitted keys?

- Wayne