[Freeipa-users] Fedora 19 test day: OTP based 2FA using FreeIPA

Dmitri Pal dpal at redhat.com
Tue May 28 23:23:41 UTC 2013 

On 05/28/2013 11:41 AM, Dmitri Pal wrote:
> The FreeIPA team is happy to welcome you to a Fedora Test Day that is
> being held on Thursday, June 6th.
>
> We invite you to take part in testing of the new OTP authentication
> feature that will become available in upcoming FreeIPA 3.2 upstream
> release and will be a part of Fedora 19. The feature is based on the new
> extended capabilities of the MIT Kerberos [1] and 389 directory server [2].
>
> The feature would allow users to authenticate against FreeIPA and
> acquire Kerberos tickets using either OTP tokens issued by 3rd party
> vendors or by FreeIPA server itself.
>
> In the case the token is provided by a 3rd party vendor like RSA, VASCO,
> Yubico, etc. the authentication data is forwarded to the external 
> authentication server over RADIUS protocol. In this scenario user input
> is supposed to consist of the two factors as prescribed by the vendor 
> and will be handled by the external server. In case the OTP token is 
> issued by FreeIPA itself the user can authenticate using two factors one
> of which is his Kerberos password and another one is a token issued for
> him. A token can be provisioned to his mobile device and used via Google
> authenticator app.
>
> This is an initial phase of the first ever integrated two factor
> authentication solution leveraging Kerberos SSO. When complete, users
> will be able to authenticate using different authentication methods and
> acquire tickets that will allow them to access different services
> within the enterprise depending on the strength of their authentication.
>
> More detailed information about the feature can be found here:
> https://fedoraproject.org/wiki/Feature/FreeIPA_Two_Factor_Authentication

https://fedoraproject.org/wiki/Features/FreeIPA_Two_Factor_Authentication
>
> To read more about the test day and suggested tests see the following
> link
> https://fedoraproject.org/wiki/Test_Day:2013-06-06_FreeIPA_Two_Factor_Authentication
>
> Thank you for your help and participation!
>
> FreeIPA team
>
> [1] http://k5wiki.kerberos.org/wiki/Projects/OTPOverRADIUS
> [2] https://github.com/nkinder/otp_plugin
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

More information about the Freeipa-users mailing list