Hello everyone,
I'm trying to set up pam_ssh_agent_auth to take advantage of sudo's authentication via ssh-agent. It was supposed to be a simple configuration, something that I already do in my ubuntu servers, but it became a nightmare.
I installed CentOS 8-1905 (minimal installation) and pam_ssh_agent_auth package. I can connect via ssh with my keys pair and I can also check that my ssh-agent is listening at SSH_AUTH_SOCK. I followed this guide https://www.unix.com/man-page/centos/8/ ... gent_auth/ (is exaclly what I do in my ubuntu servers) but I can't figure out why it's not working.
Does anybody know what I'm doing wrong?
I'll appreciate any help in advance.
pam_ssh_agent_auth not working
Re: pam_ssh_agent_auth not working
I guess you have already verified that there is no change between the man-pages for centos 7, which is what the link points to, and centos 8, which is what you are running.
Also, "not working" is kind of vague. What is the precise error message? I'm not sure that I can help you out even if I know the exact error message but perhaps somebody else can.
Cheers,
gostal
Also, "not working" is kind of vague. What is the precise error message? I'm not sure that I can help you out even if I know the exact error message but perhaps somebody else can.
Cheers,
gostal
Desktop Dell T5810 Intel(R) Xeon(R) CPU E5-1650 v4 @ 3.60GHz, 72 GB RAM, Radeon Pro WX 7100
CentOS 7.9.2009
CentOS 7.9.2009
Re: pam_ssh_agent_auth not working
What are the error/informational messages in logs?
File permissions, selinux?
File permissions, selinux?
Re: pam_ssh_agent_auth not working
There's no indication at all then on the command line? It just says "Access denied." or something like that?
PAM configuration is tricky. It essential that all lines in relevant configuration files are in the correct order so make sure the order of the lines conform to what you have on your Ubuntu servers as far as it is possible. Try to figure out the exact process on your working Ubuntu server. Then perhaps you can use that to trace what's going on in the CentOS server.
Cheers,
gostal
PAM configuration is tricky. It essential that all lines in relevant configuration files are in the correct order so make sure the order of the lines conform to what you have on your Ubuntu servers as far as it is possible. Try to figure out the exact process on your working Ubuntu server. Then perhaps you can use that to trace what's going on in the CentOS server.
Cheers,
gostal
Desktop Dell T5810 Intel(R) Xeon(R) CPU E5-1650 v4 @ 3.60GHz, 72 GB RAM, Radeon Pro WX 7100
CentOS 7.9.2009
CentOS 7.9.2009
Re: pam_ssh_agent_auth not working
After an attempted login, check the output of the following:
tail -n 20 /var/log/secure
journalctl -xe
These should give you some information as to what is going on in the background.
Best,
JP