diff --git a/log.c b/log.c
index 7a653db7..54d88cbb 100644
--- a/log.c
+++ b/log.c
@@ -86,7 +86,7 @@ log_vwrite(int level, const char *msg, va_list ap)
 {
 	char	*fmt = NULL;
 
-	const char *token = tmate_session->session_token;
+	const char *token = tmate_session->obfuscated_session_token;
 
 	if (log_settings.log_level < level)
 		return;
diff --git a/tmate-main.c b/tmate-main.c
index 8d17f126..12ddbb79 100644
--- a/tmate-main.c
+++ b/tmate-main.c
@@ -262,9 +262,12 @@ void set_session_token(struct tmate_session *session,
 	xasprintf(&path, TMATE_WORKDIR "/sessions/%s", token);
 	socket_path = path;
 
+	xasprintf((char **)&session->obfuscated_session_token, "%.4s...",
+		  session->session_token);
+
 	memset(cmdline, 0, cmdline_end - cmdline);
 	sprintf(cmdline, "tmate-ssh-server [%s] %s %s",
-		session->session_token,
+		tmate_session->obfuscated_session_token,
 		session->ssh_client.role == TMATE_ROLE_DAEMON ? "(daemon)" : "(pty client)",
 		session->ssh_client.ip_address);
 }
diff --git a/tmate-ssh-server.c b/tmate-ssh-server.c
index fc868871..94d469c7 100644
--- a/tmate-ssh-server.c
+++ b/tmate-ssh-server.c
@@ -215,8 +215,7 @@ static void register_on_ssh_read(struct tmate_ssh_client *client)
 
 static void handle_sigalrm(__unused int sig)
 {
-	tmate_debug("Connection grace period (%ds) passed", TMATE_SSH_GRACE_PERIOD);
-	exit(1);
+	tmate_fatal_info("Connection grace period (%ds) passed", TMATE_SSH_GRACE_PERIOD);
 }
 
 static void client_bootstrap(struct tmate_session *_session)
@@ -258,8 +257,7 @@ static void client_bootstrap(struct tmate_session *_session)
 
 	tmate_debug("Exchanging DH keys");
 	if (ssh_handle_key_exchange(session) < 0)
-		tmate_fatal("Error doing the key exchange: %s",
-				    ssh_get_error(session));
+		tmate_fatal_info("Error doing the key exchange: %s", ssh_get_error(session));
 
 	mainloop = ssh_event_new();
 	ssh_event_add_session(mainloop, session);
@@ -271,7 +269,7 @@ static void client_bootstrap(struct tmate_session *_session)
 
 	alarm(0);
 
-	/* The latency is callback set later */
+	/* The latency callback is set later */
 	tmate_start_ssh_latency_probes(client, &ssh_server_cb, TMATE_SSH_KEEPALIVE * 1000);
 	register_on_ssh_read(client);
 
diff --git a/tmate.h b/tmate.h
index 042303fe..ab7ac43b 100644
--- a/tmate.h
+++ b/tmate.h
@@ -26,6 +26,11 @@ extern void printflike(2, 3) tmate_log(int level, const char *msg, ...);
 	tmate_log(LOG_CRIT, "fatal: " str, ##__VA_ARGS__);	\
  	exit(1);						\
 })
+#define tmate_fatal_info(str, ...)				\
+({								\
+	tmate_log(LOG_INFO, "fatal: " str, ##__VA_ARGS__);	\
+ 	exit(1);						\
+})
 
 /* tmate-msgpack.c */
 
@@ -231,6 +236,7 @@ struct tmate_session {
 	/* only for role deamon */
 	const char *session_token;
 	const char *session_token_ro;
+	const char *obfuscated_session_token; /* for logging purposes */
 
 	struct tmate_encoder daemon_encoder;
 	struct tmate_decoder daemon_decoder;