You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An interesting use of agent forwarding, combined with a hardware-based SSH key (eg. Yubikey) that I discovered recently is to have sudo on a remote machine depend on a signature provided by the installed SSH agent. This would be a great use case for guardian agent IMO. I'm guessing it would require writing a separate PAM module, since guardian agent doesn't provide SSH_AUTH_SOCK for the existing PAM module to query.
The text was updated successfully, but these errors were encountered:
An interesting use of agent forwarding, combined with a hardware-based SSH key (eg. Yubikey) that I discovered recently is to have
sudoon a remote machine depend on a signature provided by the installed SSH agent. This would be a great use case for guardian agent IMO. I'm guessing it would require writing a separate PAM module, since guardian agent doesn't provide SSH_AUTH_SOCK for the existing PAM module to query.The text was updated successfully, but these errors were encountered: