I'm looking for a way to authenticate users using a public key which is stored in a db (MongoDB). Similar questions usually resulted with a suggestion to installed a patched version of OpenSSH (https://github.com/wuputahllc/openssh-for-git) which authenticates against a db (GitHub are using a patched version of OpenSSH).
I saw there is a PAM module to authenticate via MySQL, but it assumes a username/password authentication. I was wondering whether I can use some sort of a PAM module to authenticate using a public-key against a server.
EDITED:
I need it for a git server where all users will be connecting via the 'git' username. There will be no specific username per user.
Best Answer
SSH public key authentication is not implemented via PAM. It actually bypasses the PAM
authstack (but onlyauth), something which many administrators overlook.Barring versions that support
AuthorizedKeyCommand(as mentioned in Florin's answer), the only way to extend SSH public key auth is to patch either the daemon (public key lookups) or the client (private key lookups).There are plenty of ways you can extend your authentication options via PAM, but modifying how SSH public key authentication works is not one of them.