pam_ssh_agent_auth icon indicating copy to clipboard operation
pam_ssh_agent_auth copied to clipboard

Published 20 hours ago verified publisher icon jbeverly

Support certs / CA auth.

Open YellowOnion opened this issue 4 years ago • 1 comments

It would be nice to support "User CA's".

https://man.openbsd.org/ssh-keygen#CERTIFICATES

There's already pam_ussh but it's more dependencies than integrating it with this project.

YellowOnion avatar Jan 26 '21 01:01 YellowOnion

I just tried this and found it didn't work. Adding the error message in case it helps someone find it:

Jun 01 15:28:34 brain sudo[1955519]: pam_ssh_agent_auth: error: key_from_blob: remaining bytes in key blob 1294
Jun 01 15:28:34 brain sudo[1955519]: pam_ssh_agent_auth: Failed Authentication: `jeff' as `jeff' using /home/jeff/.ssh/authorized_keys

My keys that are not certs work with my config.

programmerq avatar Jun 01 '22 15:06 programmerq