pam_ssh_add man page

pam_ssh_add — PAM module to auto load ssh keys into an agent

Description

pam_ssh_add provides authentication and session modules that allow users to start their session with a running ssh-agent with as many ssh keys loaded as possible.

If used, the authentication module simply stores the authentication token for later use by the session module. Because this module performs no actual authentication it returns PAM_CRED_INSUFFICIENT on success and should always be accompanied by an actual authentication module in your pam configuration.

By default the session module will start a new ssh-agent and run ssh-add, loading any keys that exist in the default path for the newly logged in user. If any keys prompt for a password, and a authenication token was successfully stored, that token will be provided as the password.

Options

debug

This option will turn on debug logging to syslog.

Examples

auth     required  pam_unix.so
auth     optional  pam_ssh_add.so
session  optional  pam_ssh_add.so

Author

Cockpit has been written by many contributors[1].

Bugs

Please send bug reports to either the distribution bug tracker or the upstream bug tracker[2].

Notes

1.

contributors

2.

upstream bug tracker

Info

11/24/2016 pam_ssh_add pam_ssh_add