using ssh for login authifcation



Hi

I am new to this list so pleas bear with me if this
question is irrelevant to the list.

I use ssh all the time and I am irritated that I need to first login via
my passwd and then give my passphrase. I thought why not just give the
passphrase, as I do when I do a remote login via ssh.

I got the message from the list moderator that this may be irrelevant
here - but IMHO it is related to ssh. Anyway he pointed me to PAM, and
indeed I found a module pam_ssh.so that should fullfill my wishes.

So my question is: is pam_ssh the way forward?

I looked in the pam modules for my system, Mandriva 2006.0 and found
that pam_ssh was not there, and it was not installable. Why is it
missing? Is the module unstable or has it got security flaws, or is
there something else I need to know? I just think it is the obvious
choice to avoid both typing a passwd and a passphrase so every user of
ssh would like to use something like pam_ssh.

best regards
keld



Relevant Pages

  • RE: Controlling ssh from an external program
    ... passphrase could be discovered and the private key would fall into dangerous ... NB the SSH environment strings need to be included in this mixture! ... character as the final character could signify accept from a file. ... Controlling ssh from an external program ...
    (SSH)
  • Re: More on learning "Public Key Authentication"
    ... > computers in my local network are configured that way. ... > A long passphrase is a good idea but for other reasons. ... I _think_ a passphrase is used merely to verify that a public SSH ... _public_ keys between computers, so I do not even use a public SSH ...
    (comp.sys.mac.system)
  • different SSH/keychain behavior on Fedora Core 4?
    ... I'm wondering if anyone's seen different SSH and keychain behavior on ... But since upgrading the home machine to FC4 this trick no longer works ... for the passphrase for the local RSA private key... ... I realize that this may be more of an SSH question than an actual Fedora ...
    (Fedora)
  • Re: Defering passphrase entry with ssh-add
    ... I'm not aware of any technical reason why ssh-add couldn't defer requesting a password until its required. ... Yes which is why you only check/run it when ssh is used. ... until it determined it needed your passphrase. ... Again, ssh-agent works for me across all terminals as well as just in X, it's ssh-add you are talking about here which is ...
    (SSH)
  • Re: Giving shutdown rights to somebody
    ... > Succinct is good. ... > account, but the ssh subsequently asks for the pass*phrase*, ... > between boxes, and other blank-passphrase keys for automated purposes ... > session aware of the passphrase so subsequent ssh sessions to other ...
    (comp.os.linux.security)