[pam_ssh] Requiring a per-user login-keys.d directory

Jens Peter Secher jps at debian.org
Wed Dec 10 15:13:42 UTC 2008


I am in the process of taking over maintenance of the Debian package
libpam-ssh [1] which provides the PAM module pam_ssh [2].  In short,
pam_ssh authenticates the user by decrypting SSH keys using the
user's password.

During a discussion in Debian it was suggested that pam_ssh should use
the directory $HOME/.ssh/login-keys.d as a place to soft-link to the
keys that should be used in the authentication process, the rationale
being that users then have full control over how their keys are used
during login.

Do you see any problems with this approach?
-- 
                                                    Jens Peter Secher.
_DD6A 05B0 174E BFB2 D4D9 B52E 0EE5 978A FE63 E8A1 jpsecher gmail com_.
A. Because it breaks the logical sequence of discussion.
Q. Why is top posting bad?

[1] http://packages.qa.debian.org/libp/libpam-ssh.html
[2] http://pam-ssh.sourceforge.net
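
The layout proposed in the message above, as an added example that is not part of the original post and is not pam_ssh code: a shell audit of a user's login-keys.d that flags dangling links, links to non-files, and a directory or key that other users can write or read. The function names, finding labels, the checks themselves and the sample key names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not pam_ssh code. The checks are assumptions about what an
# administrator would want to hold for $HOME/.ssh/login-keys.d.

# True if PATH (symlinks followed) has any of the listed permission bits set.
has_perm() {
    p=$1; shift
    for m in "$@"; do
        [ -n "$(find -L "$p" -prune -perm "-$m" -print 2>/dev/null)" ] && return 0
    done
    return 1
}

# Print one finding per line for HOME_DIR; return 1 if anything was flagged.
audit_login_keys() {
    dir="$1/.ssh/login-keys.d"; rc=0
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "NODIR $dir"; return 1
    fi
    [ -O "$dir" ] || { echo "OWNER $dir"; rc=1; }
    has_perm "$dir" 020 002 && { echo "WRITABLE $dir"; rc=1; }
    for e in "$dir"/*; do
        [ -e "$e" ] || [ -L "$e" ] || continue      # empty directory
        if [ ! -e "$e" ]; then echo "DANGLING $e"; rc=1; continue; fi
        if [ ! -f "$e" ]; then echo "NOTFILE $e"; rc=1; continue; fi
        [ -O "$e" ] || { echo "OWNER $e"; rc=1; }
        has_perm "$e" 040 020 004 002 && { echo "OPEN $e"; rc=1; }
    done
    return $rc
}

# Constructed sample: one good link, one dangling, one to a world-readable key.
demo_home() {
    h=$(mktemp -d) && mkdir -p "$h/.ssh/login-keys.d" &&
        chmod 700 "$h/.ssh" "$h/.ssh/login-keys.d"
    : > "$h/.ssh/id_good"; chmod 600 "$h/.ssh/id_good"
    : > "$h/.ssh/id_open"; chmod 644 "$h/.ssh/id_open"
    ln -s ../id_good "$h/.ssh/login-keys.d/id_good"
    ln -s ../id_open "$h/.ssh/login-keys.d/id_open"
    ln -s ../id_gone "$h/.ssh/login-keys.d/id_gone"
    echo "$h"
}

h=$(demo_home)
audit_login_keys "$h" || echo "findings above need attention"
rm -rf "$h"
```
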