On 11 Aug 2002 21:05:14 -0400, Roderick Schertler <[EMAIL PROTECTED]> wrote: > On Sun, 11 Aug 2002 11:43:41 +0900 (JST), Oohara Yuuma <[EMAIL PROTECTED]> > said: > > On Sat, 10 Aug 2002 22:20:26 -0400, > > Roderick Schertler <[EMAIL PROTECTED]> wrote: > >> The pam_ssh PAM module allows you to authenticate yourself by supplying > >> the passphrase for your SSH key (id_dsa, id_rsa, or identity in ~/.ssh). > >> Better yet, it can be to configured launch an ssh-agent and load the > >> decrypted key into it. You supply your passphrase just once when you > >> log in, and you get an agent loaded with that key. > > Why not use ssh-agent directly? > I don't know what you mean by that. Directly instead of what part of > the above process? I don't know why an additional PAM module is necessary to login via ssh. [re-reading the description] I see. This module allows any program which uses PAM to authenticate with a ssh-like public key method, right?
By the way, do you really mean "the passphrase for your SSH key" (get the passphrase and see if it can decrypt the private key) instead of the private key itself (send a challenge string and see if you can encrypt it)? I don't think ssh-agent tell you the passphrase. -- Oohara Yuuma <[EMAIL PROTECTED]> Debian developer PGP key (key ID F464A695) http://www.interq.or.jp/libra/oohara/pub-key.txt Key fingerprint = 6142 8D07 9C5B 159B C170 1F4A 40D6 F42E F464 A695 Better just encrypt it all in your head :-). --- Derrick 'dman' Hudson, about encryption without any physical medium