On Mon, Jul 20, 2020 at 08:24:45PM -0700, Peter Moody wrote: > I wrote something a lot like this when I was at uber > > https://github.com/pmoody-/pam-ussh > > (the uber version is here: https://github.com/uber/pam-ussh) Needing PAM auth via ssh-agent is not so uncommon and yet using sshd is not necessarily the first (or best) solution to come to mind. Having it available as part of openssh would be a useful bridgehead for educating users towards better solutions, when available, and anyway practically improve the security of the status quo. Superior solutions are not very useful if not widely adopted. Dom -- rsa4096: 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13 ed25519: FFB4 0CC3 7F2E 091D F7DA 356E CC79 2832 ED38 CB05 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
