[Gllug] sudo authentication against ssh key
Bruce Richardson
itsbruce at workshy.org
Mon Jul 20 13:14:29 UTC 2009
On Mon, Jul 20, 2009 at 12:35:43PM +0000, James wrote:
> On Mon, Jul 20, 2009 at 01:19:38PM +0100, Minty wrote:
> > Does anyone if it is possible (& how) to authenticate a sudo user
> > against their ssh key, rather than a password?
> >
> > I'm want to allow a user password-less sudo (to named commands
> > controlled via /etc/sudoers) if and only if they've connected via ssh
> > using their key.
>
> You might be able to do something via pam, there is a pam_ssh project, on
> source forge, is a nice blog entry about pam_ssh
No, that doesn't work at all; have a look at the documentation. pam_ssh
has to be installed client-side, not server-side, and gives access to
the private key. The OP is trying to detect, from the *server* end,
wher the public key has been installed, whether a key was used.
--
Bruce
I see a mouse. Where? There, on the stair. And its clumsy wooden
footwear makes it easy to trap and kill. -- Harry Hill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20090720/7d758a76/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list