Pulling SSH keys is neat and all, but its much more impressive to be hooked into the PAM stack. That’s where pam_netauth comes in. This is a client that implements the NetAuth protocol in a PAM plugin for use on Linux and Darwin systems.
The module is written in Go and uses the
mechanism to generate
pam_netauth.so for use with the PAM stack.
The module implements the ‘auth’ handler only as the management of
credentials is expected to take place outside the local system via
netauthctl or via a site specific IDP interface.
The code for pam_netauth lives at GitHub.