Dustin C. Hatch
7a5f01f8a3
In the spirit of replacing bloated tools with unnecessary functionality with smaller, more focused alternatives, we can use `doas` instead of `sudo`. Originally, it was a BSD tool, but the Linux port supports PAM, so we can still use `pam_auth_ssh_agent` for ppasswordless authentication.
8 lines
288 B
Plaintext
8 lines
288 B
Plaintext
#%PAM-1.0
|
|
auth required pam_ssh_agent_auth.so file=/etc/security/doas.authorized_keys
|
|
account include system-auth
|
|
password include system-auth
|
|
session optional pam_keyinit.so revoke
|
|
session required pam_limits.so
|
|
session include system-auth
|