I am in the process of taking over maintenance of the Debian package
libpam-ssh [1] which provides the PAM module pam_ssh [2]. In short,
pam_ssh authenticates the user by decrypting SSH keys using the
user's password.
During a discussion in Debian it was suggested that pam_ssh should use
the directory $HOME/.ssh/login-keys.d as a place to soft-link to the
keys that should be used in the authentication process, the rationale
being that users then have full control over how their keys are used
during login.
Do you see any problems with this approach?
--
Jens Peter Secher.
_DD6A 05B0 174E BFB2 D4D9 B52E 0EE5 978A FE63 E8A1 jpsecher gmail com_.
A. Because it breaks the logical sequence of discussion.
Q. Why is top posting bad?
[1] http://packages.qa.debian.org/libp/libpam-ssh.html
[2] http://pam-ssh.sourceforge.net
Attachment:
pgpn3KgNhyo6o.pgp
Description: PGP signature
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
