Freifunk Gera-Greiz

SSH mit sudo unter Debian

Server

libpam: ab Debian 9

sudo apt-get install libpam-ssh-agent-auth

libpam: ältere Debian-Versionen

Aktuelle Version herunter laden: https://sourceforge.net/projects/pamsshagentauth/

sudo apt-get install libpam0g-dev libssl-dev
tar -xf pam_ssh_agent_auth-0.10.3.tar.bz2
cd pam_ssh_agent_auth-0.10.3
./configure --libexecdir=/lib/security --with-mantype=man
make
sudo make install

Konfiguration

/etc/sudoers:

Defaults        env_keep += SSH_AUTH_SOCK

/etc/pam.d/sudo:

#auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys
auth sufficient pam_ssh_agent_auth.so file=/etc/ssh/sudo_authorized_keys
{{{ sudo cp ~/.ssh/authorized_keys /etc/ssh/sudo_authorized_keys sudo chown root:root /etc/ssh/sudo_authorized_keys }}}

Client

{{{ eval `ssh-agent -s` ssh-add ~/.ssh/my_damn_key/id_rsa ssh -A holy_moly_server.de sudo ls }}}
Details
Kategorie: SSH

<name>space
geschlossen seit 27.04.2024 10:50 Uhr

Weitere Informationen

Veranstaltungen / Ereignisse

01 Mai 2024
18:00 - 22:00
namespace geöffnet
17 Mai 2024
15:00 - 18:00
Repaircafé on Tour