sudo -n incorrectly ask for a password when using pam · Issue #83 · sudo-project/sudo (original) (raw)

Hi all,

First and foremost, apologies if this bug is known or if I missed a workaround. If so, just send me there, thanks in advance.

I'm trying to use pam ssh agent auth to allow users to be able to sudo without a password, granted they are using the proper identity. While this seems to be working in interactive mode, non interactive mode keep asking for a password when none is needed.

$ sudo -V Sudo version 1.8.27 Sudoers policy plugin version 1.8.27 Sudoers file grammar version 46 Sudoers I/O plugin version 1.8.27 $ sudo -k whoami root $ sudo -nk whoami sudo: a password is required

Unless I am missing something, this seems like a bug. Clearly, a password is NOT required, unless I somehow fubared the config - which is absolutely possible.

pam ssh agent is setup as the first item in /etc/pam.d/sudo:

auth sufficient pam_ssh_agent_auth.so file=/path/to/authorized/pubkeys