[RFC PATCH 0/4] PAM module for ssh-agent user authentication

Domenico Andreoli cavokz at gmail.com
Tue Jul 21 21:25:04 AEST 2020


On Mon, Jul 20, 2020 at 08:24:45PM -0700, Peter Moody wrote:
> I wrote something a lot like this when I was at uber
> 
>   https://github.com/pmoody-/pam-ussh
> 
> (the uber version is here: https://github.com/uber/pam-ussh)

Needing PAM auth via ssh-agent is not so uncommon and yet using sshd
is not necessarily the first (or best) solution to come to mind.

Having it available as part of openssh would be a useful bridgehead for
educating users towards better solutions, when available, and anyway
practically improve the security of the status quo.

Superior solutions are not very useful if not widely adopted.

Dom

-- 
rsa4096: 3B10 0CA1 8674 ACBA B4FE  FCD2 CE5B CF17 9960 DE13
ed25519: FFB4 0CC3 7F2E 091D F7DA  356E CC79 2832 ED38 CB05


More information about the openssh-unix-dev mailing list