A backdoor in xz
A backdoor in xz
Posted Mar 31, 2024 16:54 UTC (Sun) by apoelstra (subscriber, #75205)In reply to: A backdoor in xz by Cyberax
Parent article: A backdoor in xz
Ah, yes, only for interactive logins. For SSH I use GnuPG's ssh-agent emulation support, whose mechanism I don't really understand.
Posted Mar 31, 2024 18:51 UTC (Sun)
by Cyberax (✭ supporter ✭, #52523)
[Link]
PAM was useful for custom authentication, such as LDAP-based auth or something similar. These days a fairly typical workflow is to use some kind of a daemon/utility on the developer's machine to get a temporary SSH certificate, and then just use this certificate to log in using the SSH.
A backdoor in xz
ssh-agent (or its emulation) is basically just the public key authentication.