[Pkg-ltsp-devel] Bug#783606: Host not saved into known_hosts

[Petr Šťastný]

Package: libpam-sshauth

I'm using this PAM module for sudo authentication, which works perfectly
except one thing - it does not save trusted host to known_hosts and
always asks "Server unknown. Trust?"

/etc/pam.d/sudo content:

auth sufficient pam_sshauth.so debug nostrict host=x.x.x.x port=22

I tried to connect to that SSH server manually (using ssh). I tried it
as normal user (which calls sudo) and as root. Server key is stored in
known_hosts, but libpam-sshauth does not accept it?

man pam_sshauth says:

nostrict
If contacting a host for which we don't have an entry in known_hosts,
ask, via the pam prompts, if you'd like to trust this host, and add it
to your known_hosts file.  The default will be to fail the authentication.

There is no error message in any log saying that it is unable to
read/write known_hosts.

auth log says this:

sudo: pam_sshauth(sudo:auth): Authentication begins.
sudo: pam_sshauth(sudo:auth): Connected to host x.x.x.x
sudo: pam_sshauth(sudo:auth): Server not in known_hosts file.
sudo: pam_sshauth(sudo:auth): Authentication methods supported:
password,keyboard-interactive
sudo: pam_sshauth(sudo:auth): Trying keyboard interactive authentication.
sudo: pam_sshauth(sudo:auth): Authenticated successfully.
sudo: pam_sshauth(sudo:auth): Authentication finished.