By default pam-ussh reads the trusted user CA keys from /etc/ssh/trusted_user_ca.
This should be set the same as your TrustedUserCAKeys option for sshd.
option
By default pam-ussh reads the trusted user CA keys from /etc/ssh/trusted_user_ca.
This should be set the same as your TrustedUserCAKeys option for sshd.