search for: pamsshagentauth

A co-worker argues we can login using only password to a "ssh-key restricted host (PasswordAuthentication no)", without being asked by any passphase; just by putting a key (no need to be the private key) on another password-based host. It that true? I do not think so. I would name that as an "important OpenSSH daemon security bug". That is because I think it is not true.

...nd easy. A few things that are missing: - man page - installation - support for multiple keys in the auth file I'm also asking to the Linux PAM people to double-check my usage of PAM. Regards, Domenico [0] https://github.com/jbeverly/pam_ssh_agent_auth [1] https://sourceforge.net/projects/pamsshagentauth/ -- rsa4096: 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13 ed25519: FFB4 0CC3 7F2E 091D F7DA 356E CC79 2832 ED38 CB05