pam_ssh_agent_auth / News: Recent posts

Release 0.9.3 is stable, and has been tested on RHEL5, Ubuntu LTS (8.04), Ubunto 8.10, and MacOS X 10.5

This release contains a few minor bugfixes and enhancements from 0.9.2; logging of which key provided successful authentication no longer requires 'debug' option. signing of keys now only happens if they are potentially valid; improved legibility of code in a few spots, and in so doing fixed a bug if you specified a path to an authorized key file >= 1024 characters. ... read more

pam_ssh_agent_auth is a PAM module which permits PAM authentication via your
keyring in a forwarded ssh-agent.

Release 0.9.2 is stable, and has been tested on NetBSD, FreeBSD, Solaris,
RHEL4, RHEL5, Debian Etch, Debian Lenny, Ubuntu LTS (8.04), Ubunto 8.10,
and MacOS X.

The only difference between this version, and version 0.9.1 is the license.
I have decided to switch to a BSD style license, and so all restrictions
previously imposed by the GPLv3 no longer apply as of version 0.9.2. This
relaxation of licensing terms is due in part with the original licensing of
openssh, from which this work has been derived.... read more

pam_ssh_agent_auth v0.5 was missing a file due to a bad SVN export, please replace with 0.6. My appologies.

pam_ssh_agent_auth is a PAM module which permits authentication via ssh-agent.Release 0.6 is functionally stable, and has been tested on NetBSD, FreeBSD, Solaris, RHEL4, RHEL5, Debian Etch, Debian Lenny, Ubuntu LTS (8.04), Ubunto 8.10, and MacOS X.

Every effort has been taken to ensure that this module is safe, but you should use with caution, as this is still beta software. While this module can be used with any service that supports PAM, it was written with the intention of permitting authenticated sudo without password entry.It serves as middle ground between the two most common, and suboptimal alternatives for cluster administration: allowing root login via ssh, or using NOPASSWD in sudoers. This module allows public-key authentication, and it does this by leveraging an authentication mechanism you are probably already using, ssh-agent. There are caveats of course, ssh-agent forwarding has it’s own security risks which must be carefully considered for your environment. In cases where there are not untrustworthy intermediate servers, and you wish to retain traceability, accountability, and required authentication for privileged command invocation, the benefits should outweigh the risks. Release 0.5 can be downloaded from SourceForge: https://sourceforge.net/project/showfiles.php?group_id=249556... read more

pam_ssh_agent_auth is a PAM module which permits authentication via ssh-agent.

Release 0.5 is functionally stable, and has been tested on NetBSD, FreeBSD, Solaris, RHEL4, RHEL5, Debian Etch, Debian Lenny, Ubuntu LTS (8.04), Ubunto 8.10, and MacOS X.

Every effort has been taken to ensure that this module is safe, but you should use with caution, as this is still beta software. While this module can be used with any service that supports PAM, it was written with the intention of permitting authenticated sudo without password entry.... read more

pam_ssh_agent_auth is a PAM module which permits authentication via ssh-agent. Release 0.4 is functionally stable, and has been tested on NetBSD, FreeBSD, Solaris, Linux, and MacOS X. Every effort has been taken to ensure that this module is safe, but you should use with caution, as this is still beta software.

While this module can be used with any service that supports PAM, it was written with the intention of permitting authenticated sudo without password entry. ... read more