Hi All,

Has anyone here ever dealt with multi-user authentication?  I'm trying 
to set up a system that would require two separate users to authenticate 
before running certain programs.  This adds a level of accountability to 
the system and could be very useful.  I was thinking something on the 
lines of using pam_usb and sudo to control execution, but theres a 
couple things that I'm a little fuzzy about.

Is there a way that if one of the usb keys got pulled out, the programs 
being run by sudo would be 'kill -9'ed?

Can pam_usb be used to require two keys?  I'm sure you could cheat, and 
link the two keys using a software raid, that would make sure that you 
need both.  But if you wanted to require that two users out of 3 (or 4 
or 50) can use this, you would need a lot of keys and a lot of raids.

Thanks

Chris