Open vaminakov opened 6 months ago
There is! It is just a matter of time and finding how to do it in a clean manner. I would like to do it in pure Go without CGO. I really want to carve out CGO from the codebase. Help and thoughts will be very much appreciated on this.
I'm not sure a native go implementation will exist, without us writing it from scratch. Teleport has this for integration with pam https://github.com/gravitational/teleport/tree/master/lib/pam. We could leverage it. The build parameters are a good idea too, to avoid cgo.
For now ssh3 doesnt using pam modules. If you login with password (using the special parameter), server will authorize you even if it have pam modules with 2-factor authentication. I understand that the main purpose is authorization using keys or oidc. Are there any plans to add support for pam modules?