Bug#574710: education-common: Should not install and enable libpam-ssh by default
> Also I think such a pam module is bad idea as it is a bad idea, to
> use the login password to protect ssh keys with.
It work the other way around, where it allow you to log in using the
ssh key password (and ignore the password in /etc/shadow/LDAP/NIS).
> IMO we dont loose anything if we drop it from our radar.
No problem for me. I belive it was added when we believed it would
start ssh-agent when the user logged in. This is not done by this pam
module, and we do not need libpam-ssh to get that behaviour. :)