Here at work, we have a non-root shared login account on UNIX that is used to admin a particular application. The policy is to not allow direct logins to the shared account; you must log in as yourself and use the "su" command to change over to the shared account. This is for logging/security purposes.
I've started using SSH public/private key authentication with an agent to allow me to enter my password once a day and let the agent forwarding eliminate the password prompts for the rest of the day. It is really nice.
However, some systems are locked down so I really have to use the "su" command to get to the shared account. Arg! Back to entering passwords all the time!
Is there enough info logged with SSH public/private key authentication such that I could have a reasonable chance of requesting a policy change to allow remote logins to a shared account if public/private keys are used?
I had an admin look in /var/log/secure and it just says that a public key was accepted for a user account from a particular IP address. It didn't say whose public key it was, or whose private key did the authentication.
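Added example, not part of the original post: one way to attribute shared-account logins to individual keys, assuming an sshd that writes the key's SHA256 fingerprint on its "Accepted publickey" line (the log described above did not show one) and that each authorized_keys entry carries an owner comment. The account name, addresses, owner labels and key blobs are constructed sample data.

```python
import base64
import hashlib
import re

# Assumed log format: "... Accepted publickey for USER from IP port N ssh2: TYPE SHA256:<fp>"
ACCEPTED = re.compile(r"Accepted publickey for (\S+) from (\S+) port \d+ ssh2: \S+ (SHA256:\S+)")

def fingerprint(b64_blob):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the decoded key blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def load_owners(authorized_keys_text):
    """Map fingerprint -> comment field (used here as the owner label)."""
    owners = {}
    for line in authorized_keys_text.splitlines():
        fields = line.split()
        # Options such as from="..." may precede the key type, so locate the type field.
        idx = next((i for i, f in enumerate(fields) if f.startswith(("ssh-", "ecdsa-", "sk-"))), None)
        if line.lstrip().startswith("#") or idx is None or idx + 1 >= len(fields):
            continue  # blank line, comment, or malformed entry
        owners[fingerprint(fields[idx + 1])] = " ".join(fields[idx + 2:]) or "(no comment)"
    return owners

def attribute(log_text, owners):
    """Return (account, source_ip, key_owner) for every public-key login in the log."""
    # A fingerprint missing from the current file means the key was removed or the
    # file changed after the login; report it instead of dropping the event.
    return [(m[1], m[2], owners.get(m[3], "UNKNOWN KEY")) for m in ACCEPTED.finditer(log_text)]

# Constructed sample data: the blobs are stand-ins, not real SSH public keys.
ALICE, BOB, OTHER = (base64.b64encode(f"constructed-blob-{n}".encode()).decode() for n in "abc")
SAMPLE_KEYS = (
    "# keys allowed to log in to the shared account\n"
    f"ssh-ed25519 {ALICE} alice@example\n"
    f'from="192.0.2.0/24" ssh-ed25519 {BOB} bob@example\n'
)
SAMPLE_LOG = "".join(
    f"Jan 10 09:0{i}:00 host sshd[100{i}]: Accepted publickey for appadmin "
    f"from {ip} port 5002{i} ssh2: ED25519 {fingerprint(blob)}\n"
    for i, (ip, blob) in enumerate([("192.0.2.10", ALICE), ("192.0.2.11", BOB), ("198.51.100.7", OTHER)])
)

if __name__ == "__main__":
    for account, ip, owner in attribute(SAMPLE_LOG, load_owners(SAMPLE_KEYS)):
        print(f"{account} <- {owner} from {ip}")
```

The attribution is only as trustworthy as the authorized_keys comments, so the file should be writable only by administrators rather than by the shared account itself.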