I have a webapplication and I would like to provide the users with a feature to be able to ssh to the linux server without having to add all the users’ credentials from the Psql DB to the linux server. Instead I would like to use the credentials directly for ssh. I think that this is possible using linux pluggable authentication modules (pam), however I’m don’t know where to start and I would like some help?
Advertisement
Answer
You will need to set up pam_pgsql and nss_pgsql for users from database to become first-class citizens (local users). Then they will be able to ssh as easy as your users from passwd/shadow/group files.
Start with said packages installation and reading their configuration manuals. Remember: PAM is for authentication, NSS is for name-to-uid and back translations.