pam_ssh_agent_auth with Ubuntu

You may have come across
pam_ssh_agent_auth which
allows you to forward the sudo authentication to your local ssh agent.

There are some great blog posts about installing / configuring it already, but I wanted to make it even easier. I’ve created a ubuntu package, available from my server ppa.

The installation is pretty straight forward:

sudo aptitude install python-software-properties
sudo apt-add-repository ppa:dbanck/server
sudo aptitude update
sudo aptitude install pam-ssh-agent-auth

After the installation is done, you just have to edit two config files
to enable it.

In /etc/pam.d/sudo replace @include common-auth with auth sufficient file=%h/.ssh/authorized_keys.

And in /etc/sudoers add this line:
Defaults env_keep += SSH_AUTH_SOCK

That’s it!

Now connect to your server via ssh -A to forward the ssh-agent. You may clear you cached sudo credentials via sudo -K and check if everything works.


Now read this

Chef tutorial #1: Setting up a chef server

This tutorial is part of a series of posts about server management with chef. If you don’t know chef, chef is an open-source systems integration framework built specifically for automating the cloud. There are two methods of using chef.... Continue →