This is a package I've included in Linux-PAM which I've used for years (from my SysAdmin days) to connect to other machines from my central workstation after loading in a private key to gpg-agent. In my case, my gpg-agent setup comes off a Yubikey (which I also use in tandem with pam-u2f for login(s) where I'm sitting in front of the machine) and allows less sudo prompting as I maintain the myriad of other systems I watch after. General usage is setup in /usr/etc/pam.d/sudo with a line like: auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys combined with adding "SSH_AUTH_SOCK" as a variable in "env_keep". This allows a pubkey hash in your authorized_keys file to work with ssh-agent/gpg-agent to grant sudo privs (provided your agent has prompted for a passphrase and loaded in your keypair) without the usual prompts or timeouts around sudo. As always, use a passphrase for your private keys ;) -- ~ Scott Bradnick |- Windows Subsystem for Linux (WSL) Developer |-- Tumbleweed: |--- Raspberry Pi 4 Model B Rev 1.2 (aarch64) |--- Dell Precision 5540 (NVIDIA Quadro T1000) |--- WinBook TW100 (x86_64) https://keys.openpgp.org/ :: DBC5AA9A2D2BAEBC