Using OpenPGP / GnuPG to unlock 'sudo bla bla' or 'sudo -s'

Andrew Gallagher andrewg at andrewg.com
Mon Aug 12 14:50:53 CEST 2024


Sorry, it’s pam-ssh-agent-auth:

https://linux.die.net/man/8/pam_ssh_agent_auth

A

> On 12 Aug 2024, at 13:48, Andrew Gallagher <andrewg at andrewg.com> wrote:
> 
> You can use pam-auth-ssh-agent with gpg’s ssh-agent emulation. Thisnhas the advantage that it also works over remote ssh connections (with ssh agent forwarding enabled).
> 
> Andrew Gallagher
> 
>> On 12 Aug 2024, at 13:27, Matthias Apitz <guru at unixarea.de> wrote:
>> 
>> 
>> I use in my Linux Debian mobile L5 an internal OpenPGP card for the
>> password-store and for outbound SSH/SCP. Is there a way, for example
>> with a config in /etc/pam.d/.... to used the OpenPGP card for providing
>> the password to 'sudo xxxx' or 'sudo -s'
>> 
>> Thanks
>> 
>>   matthias
>> 
>> --
>> Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
>> Public GnuPG key: http://www.unixarea.de/key.pub
>> 
>> I am not at war with Russia.  Я не воюю с Россией.
>> Ich bin nicht im Krieg mit Russland.
>> 
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> https://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240812/f765fa56/attachment-0001.html>


More information about the Gnupg-users mailing list