On Thu, 16 Aug 2012 03:01:33 +0200 Jerome Benoit <g6299304p@rezozer.net> wrote: > Package: wnpp > Severity: wishlist > Owner: Jerome Benoit <g6299304p@rezozer.net> > > * Package name : libpam-ssh > Version : 1.97 > Upstream Author : Akorty Rosenauer > * URL : http://pam-ssh.sourceforge.net/ > * License : BSD > Programming Lang: C > Description : Authenticate using SSH keys > > This PAM module provides single sign-on behavior for SSH. > The user types an SSH passphrase when logging in and is > authenticated if the passphrase successfully decrypts the > user's SSH private key. In the PAM session phase, an ssh-agent > process is started and keys are added. For the entire session, > the user can SSH to other hosts that accept key authentication > without typing any passwords. Is this about using removable media to store the SSH private key to login to machines which only have the public key? That would be useful (but isn't that covered by existing PAM support?) Is this some form of hot-desking support? If not, why is this better than a user having a different password for login and for the SSH key? Why tie login to one of my SSH private keys? The homepage doesn't make this clear, it sounds like the module just maps the user login via a graphical desktop manager to a particular SSH key the private key for which has to live on the system behind the login anyway. What's the point? -- Neil Williams ============= http://www.linux.codehelp.co.uk/
Attachment:
pgpKxLvl29hHD.pgp
Description: PGP signature