1 |
On 01/21/2010 08:09 AM, Neil Bothwick wrote: |
2 |
> On Thu, 21 Jan 2010 16:06:34 +0200, Nikos Chantziaras wrote: |
3 |
> |
4 |
>>> I'm no expert on PAM, but I've seen it used on every linux |
5 |
>>> distribution that I've tried over the years. In the case I just |
6 |
>>> described, I used it so I can identify myself with my ssh key, which |
7 |
>>> is much more secure than a password. So, in general, pam is used to |
8 |
>>> set security policy for how users can log in, change their passwords, |
9 |
>>> etc. I'm not sure how I would have added ssh key authentication |
10 |
>>> without pam. It's a good question. |
11 |
>> |
12 |
>> Well, all of this is still working here without PAM, including keys |
13 |
>> (I've set that option in the config file of the ssh deamon, not PAM.) |
14 |
> |
15 |
> I read this that walt is using SSH keys ( on a USB stick?) for local |
16 |
> login, which would be best done with PAM. SSH login with keys is handled |
17 |
> by SSH itself. |
18 |
> |
19 |
> Can you confirm walt? |
20 |
|
21 |
I'm using it to ssh between the machines on my local network, where I |
22 |
have the same ssh key on each machine. I don't have any need to login |
23 |
elsewhere by carrying the key on a USB stick -- I wish the machines at |
24 |
work would let me do that, but they don't. |