A list of paths to files in OpenSSH’s authorized_keys format, containing the keys that will be trusted by the pam_ssh_agent_auth module. The following patterns are expanded when interpreting the path: %f and %H respectively expand to the fully-qualified and short hostname ; %u expands to the username ; ~ or %h expands to the user’s home directory. Specifying user-writeable files here result in an insecure configuration: a malicious process can then edit such an authorized_keys file and bypass the ssh-agent-based authentication. See issue #31611

[
  "/etc/ssh/authorized_keys.d/%u"
]