Re: using ssh authentication with sudo



On Sun, 20 May 2007, Eric S. Johansson wrote:

there is a number of ways I could be missing something obvious so I apologize
in advance.

My idea is should be possible to grant sudo access with your ssh credentials.
the logic is that once the server has granted access to a client based on its
ssh keys, it should be possible to use the same authentication to grant sudo
privileges. After all, if a key pair is good enough to get you into one
machine, why isn't it good enough to grant you the full Monty?

Assuming that it is, how could a local program determine that the process it
is running in has done so via ssh key authentication. Would it query the
agent directly? Would it be able to use agent forwarding? Or is this a
really bad idea that I should just give up on?

http://pam-ssh.sourceforge.net/

I saw this on another list, but have never used it myself.

Jeremy C. Reed