pam_ssh_agent_auth 0.6 released

pam_ssh_agent_auth v0.5 was missing a file due to a bad SVN export, please replace with 0.6. My appologies.

pam_ssh_agent_auth is a PAM module which permits authentication via ssh-agent.Release 0.6 is functionally stable, and has been tested on NetBSD, FreeBSD, Solaris, RHEL4, RHEL5, Debian Etch, Debian Lenny, Ubuntu LTS (8.04), Ubunto 8.10, and MacOS X.

Every effort has been taken to ensure that this module is safe, but you should use with caution, as this is still beta software. While this module can be used with any service that supports PAM, it was written with the intention of permitting authenticated sudo without password entry.It serves as middle ground between the two most common, and suboptimal alternatives for cluster administration: allowing root login via ssh, or using NOPASSWD in sudoers. This module allows public-key authentication, and it does this by leveraging an authentication mechanism you are probably already using, ssh-agent. There are caveats of course, ssh-agent forwarding has it’s own security risks which must be carefully considered for your environment. In cases where there are not untrustworthy intermediate servers, and you wish to retain traceability, accountability, and required authentication for privileged command invocation, the benefits should outweigh the risks. Release 0.5 can be downloaded from SourceForge: https://sourceforge.net/project/showfiles.php?group_id=249556

If you encounter any issues with usability or security, please use the project’s SourceForge tracker: https://sourceforge.net/tracker2/?group_id=249556&atid=1126337

Note that if you wish to use this for sudo, 1.6.8 seems to clean the environment prior to calling pam dlopen. You will need sudo >= 1.6.9 or < 1.6.8 to use this module for sudo.