Use Public Key to prevent sudo password prompt
- First of all we need to install the pam library
apt-get update && apt-get install libpam-ssh-agent-auth
2. Then edit /etc/pam.d/sudo and add following line directly after #%PAM-1.0
auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
3. Add your ssh public key to /etc/security/authorized_keys
4. Then add following line after other defaults in /etc/sudoers (use visudo)
Defaults env_keep += SSH_AUTH_SOCK
5. Execute following command to enable automatic launch of assh-agent on startup
echo "ssh-add" >> ~/.bash_profile
6. Voila! You can now use passwordless sudo on your server if you authenticated via an ssh key.
OPTIONAL:
7. For better security you can use an encrypted ssh private key. This only requires one password if loaded into ssh-agent.
You can follow this guide, if you want to automatically decrypt several ssh-keys with a master-password in keepass:
https://techgoat.net/index.php?id=109
Sources: