Support for LDAP/SSSD-based SSH Authentication in the PAM SSH Keys

Context:
Currently, the Devolutions Server PAM SSH Keys module expects to interact with local accounts on servers in order to insert or rotate SSH keys by updating the local authorized_keys file.
In our environment, SSH authentication is managed through LDAP/SSSD, where public SSH keys are dynamically provided from an LDAP attribute.
This means that no local authorized_keys file exists on the servers, as SSH keys are fetched directly from the LDAP directory during the login process.

Issue:
The PAM SSH Keys module cannot inject or rotate SSH keys because it relies on the presence of local accounts and local key files.
Additionally, the Scan Configuration function does not detect any accounts, since the module looks only for local accounts to manage.

Feature Request / Proposal:
We would like the PAM SSH Keys module to support environments using LDAP/SSSD for SSH authentication by enabling it to:

• detect and recognize systems using LDAP/SSSD for SSH key management,
• interact directly with the LDAP directory to manage SSH public keys stored in LDAP attributes,
• allow rotation, addition, and removal of SSH keys in such centralized setups.
• 
  

This enhancement would extend the PAM SSH Keys module’s capabilities to cover modern enterprise environments where SSH key management is centralized via LDAP. Thank you for considering this request