Hi. On Mon, 02 Jun 2025 22:45:48 +0700 Frederic Muller wrote: > On 02/06/2025 21:45, Francis.Montagnac@xxxxxxxx wrote: >> AFAIK sudo cannot be configured to authenticate with SSH keys. > of course it can. Effectively, a search shows that this is possible by configuring sudo with pam_ssh_agent_auth (on the server, the target machine). > It worked fine until... I switched to F42. SSH forward to ssh key to > the target machine and my user uses that key on the target machine > to authenticate and login into sudo. > The target machine hasn't changed at all. My laptop however has. F42 removed pam_ssh_agent_auth: https://fedoraproject.org/wiki/Changes/Remove_pam-ssh-agent_component but that should not be the reason. I would suspect a change in ssh-agent, but looking quickly at the changelog of openssh (F41: 9.8 F42: 9.9) do not show anything related. > Well.. I'll do another way for now and will continue trying to fix this > and set it up like it was working before, Putting pam_ssh_agent_auth in debug mode on the target machine may help, with: /etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so debug ... -- francis -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
