Using OpenPGP / GnuPG to unlock 'sudo bla bla' or 'sudo -s'

Andrew Gallagher andrewg at andrewg.com
Mon Aug 12 14:48:04 CEST 2024


You can use pam-auth-ssh-agent with gpg’s ssh-agent emulation. Thisnhas the advantage that it also works over remote ssh connections (with ssh agent forwarding enabled).

Andrew Gallagher

> On 12 Aug 2024, at 13:27, Matthias Apitz <guru at unixarea.de> wrote:
> 
> 
> I use in my Linux Debian mobile L5 an internal OpenPGP card for the
> password-store and for outbound SSH/SCP. Is there a way, for example
> with a config in /etc/pam.d/.... to used the OpenPGP card for providing
> the password to 'sudo xxxx' or 'sudo -s'
> 
> Thanks
> 
>    matthias
> 
> --
> Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
> Public GnuPG key: http://www.unixarea.de/key.pub
> 
> I am not at war with Russia.  Я не воюю с Россией.
> Ich bin nicht im Krieg mit Russland.
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users



More information about the Gnupg-users mailing list