PIV\CAC cards via CA PAM through SSH returns "server refused public-key signature despite accepting key!".
PAM does not support PIV passthrough via SSH. "server refused public-key signature despite accepting key!" is the message returned when you try to connect through SSH and PIV.
Windows target device only is supported.
"Configure Kerberos PIV/CAC Authentication for Windows Targets"