| security.pam.ussh.group | If set, then the authenticating user must be a member of this group
to use this module.
|
| security.pam.ussh.caFile | By default pam-ussh reads the trusted user CA keys
from /etc/ssh/trusted_user_ca
|
| security.pam.ussh.control | This option sets pam "control"
|
| security.pam.ussh.enable | Enables Uber's USSH PAM (pam-ussh) module
|
| security.pam.services.<name>.usshAuth | If set, users with an SSH certificate containing an authorized principal
in their SSH agent are able to log in
|
| security.pam.ussh.authorizedPrincipals | Comma-separated list of authorized principals to permit; if the user
presents a certificate with one of these principals, then they will be
authorized
|
| security.pam.ussh.authorizedPrincipalsFile | Path to a list of principals; if the user presents a certificate with
one of these principals, then they will be authorized
|