Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unlocking ssh-agent keys via pam #25

Open
vovan69 opened this issue Jun 4, 2014 · 3 comments
Open

unlocking ssh-agent keys via pam #25

vovan69 opened this issue Jun 4, 2014 · 3 comments

Comments

@vovan69
Copy link

vovan69 commented Jun 4, 2014

As I understood it's possible to unlock ssh-keys automatically using pam auth with pam_envoy. However this useful feature doesn't work (at least) for me. I'd appreciate any ideas regarding debugging this issue.

envoy v8-12-g8a2881f
@vodik
Copy link
Owner

vodik commented Jun 6, 2014

Are you using gpg-agent or ssh-agent?

@vovan69
Copy link
Author

vovan69 commented Jun 7, 2014

I'm using only ssh-agent:

  • systemd: @[email protected]
  • pam: auth optional /usr/lib/security/pam_envoy.so
  • pam: session optional /usr/lib/security/pam_envoy.so ssh-agent

@vodik
Copy link
Owner

vodik commented Jun 8, 2014

Yeah that's not implemented and I don't know if I ever will unless someone write the code for me 😉. Its only implemented for gpg-agent because I use gpg-agent and was relatively straightforward.

It might be possible to take the existing pam_ssh.so and tack on envoy to use to fetch the agent's socket.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vodik @vovan69