pam_ssh_agent_auth with Ubuntu

You may have come across
pam_ssh_agent_auth which
allows you to forward the sudo authentication to your local ssh agent.

There are some great blog posts about installing / configuring it already, but I wanted to make it even easier. I’ve created a ubuntu package, available from my server ppa.

The installation is pretty straight forward:

sudo aptitude install python-software-properties
sudo apt-add-repository ppa:dbanck/server
sudo aptitude update
sudo aptitude install pam-ssh-agent-auth

After the installation is done, you just have to edit two config files
to enable it.

In /etc/pam.d/sudo replace @include common-auth with auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys.

And in /etc/sudoers add this line:
Defaults env_keep += SSH_AUTH_SOCK

That’s it!

Now connect to your server via ssh -A to forward the ssh-agent. You may clear you cached sudo credentials via sudo -K and check if everything works.

 
4
Kudos
 
4
Kudos

Now read this

FreeNas Storage Appliance #1: The components

Die deutsche Version dieses Artikels findest du hier. This is a series of posts about building your own custom FreeNAS storage applicance. Part 1: The components Part 2: Unboxing On my search for a reliable storage solution, I’ve came... Continue →