diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch
index a05e64b..bd23def 100644
--- a/openssh-7.6p1-audit.patch
+++ b/openssh-7.6p1-audit.patch
@@ -31,7 +31,7 @@ diff -up openssh-7.6p1/audit-bsm.c.audit openssh-7.6p1/audit-bsm.c
  }
  
 +int
-+audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
++audit_keyusage(int host_user, char *fp, int rv)
 +{
 +	/* not implemented */
 +}
@@ -122,7 +122,7 @@ diff -up openssh-7.6p1/audit.c.audit openssh-7.6p1/audit.c
  	return (the_authctxt->user);
  }
  
-@@ -109,6 +113,37 @@ audit_event_lookup(ssh_audit_event_t ev)
+@@ -109,6 +113,35 @@ audit_event_lookup(ssh_audit_event_t ev)
  	return(event_lookup[i].name);
  }
  
@@ -130,11 +130,9 @@ diff -up openssh-7.6p1/audit.c.audit openssh-7.6p1/audit.c
 +audit_key(int host_user, int *rv, const Key *key)
 +{
 +	char *fp;
-+	const char *crypto_name;
 +
 +	fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_HEX);
-+	crypto_name = key_ssh_name(key);
-+	if (audit_keyusage(host_user, crypto_name, sshkey_size(key), fp, (*rv == 0)) == 0)
++	if (audit_keyusage(host_user, fp, (*rv == 0)) == 0)
 +		*rv = -SSH_ERR_INTERNAL_ERROR;
 +	free(fp);
 +}
@@ -214,10 +212,10 @@ diff -up openssh-7.6p1/audit.c.audit openssh-7.6p1/audit.c
 + * Type is the key type, len is the key length(byte) and fp is the fingerprint of the key.
 + */
 +int
-+audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
++audit_keyusage(int host_user, char *fp, int rv)
 +{
-+	debug("audit %s key usage euid %d user %s key type %s key length %d fingerprint %s, result %d",
-+		host_user ? "pubkey" : "hostbased", geteuid(), audit_username(), type, bits,
++	debug("audit %s key usage euid %d user %s fingerprint %s, result %d",
++		host_user ? "pubkey" : "hostbased", geteuid(), audit_username(),
 +		fp, rv);
 +}
 +
@@ -297,7 +295,7 @@ diff -up openssh-7.6p1/audit.h.audit openssh-7.6p1/audit.h
 +int	audit_run_command(const char *);
 +void 	audit_end_command(int, const char *);
  ssh_audit_event_t audit_classify_auth(const char *);
-+int	audit_keyusage(int, const char *, unsigned, char *, int);
++int	audit_keyusage(int, char *, int);
 +void	audit_key(int, int *, const Key *);
 +void	audit_unsupported(int);
 +void	audit_kex(int, char *, char *, char *, char *);
@@ -360,7 +358,7 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
  	saved_errno = errno;
  	close(audit_fd);
  
-@@ -65,9 +78,97 @@ linux_audit_record_event(int uid, const
+@@ -65,9 +78,96 @@ linux_audit_record_event(int uid, const
  		rc = 0;
  	errno = saved_errno;
  
@@ -424,7 +422,7 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
 +}
 +
 +int
-+audit_keyusage(int host_user, const char *type, unsigned bits, char *fp, int rv)
++audit_keyusage(int host_user, char *fp, int rv)
 +{
 +	char buf[AUDIT_LOG_SIZE];
 +	int audit_fd, rc, saved_errno;
@@ -442,10 +440,9 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
 +		buf, audit_username(), -1, NULL, ssh_remote_ipaddr(active_state), NULL, rv);
 +	if ((rc < 0) && ((rc != -1) || (getuid() == 0)))
 +		goto out;
-+	snprintf(buf, sizeof(buf), "key algo=%s size=%d fp=%s rport=%d",
-+			type, bits, fp, ssh_remote_port(active_state));
-+	rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL,
-+		buf, audit_username(), -1, NULL, ssh_remote_ipaddr(active_state), NULL, rv);
++	snprintf(buf, sizeof(buf), "op=negotiate kind=auth-key fp=%s", fp);
++	rc = audit_log_user_message(audit_fd, AUDIT_CRYPTO_KEY_USER, buf, NULL,
++		ssh_remote_ipaddr(active_state), NULL, rv);
 +out:
 +	saved_errno = errno;
 +	audit_close(audit_fd);