[Freeipa-users] OTP authentication without Password
Master P.
junkmafia89 at gmail.com
Tue Aug 30 21:18:01 UTC 2016
Hello,
Is it possible to authenticate a user with only OTP and ssh-pubkeys?
So far I have successfully configured FreeIPA to use Two factor
authentication (password + OTP). I had to change the sshd_config to
achieve this by modifying the AuthenticationMethods to be:
AuthenticationMethods publickey,password:pam
publickey,keyboard-interactive-pam
In this way the user's ssh-pubkey, password, and OTP are required to
login. I would like to remove the password requirement but retain the OTP
auth.
>From the FreeIPA web UI there is no setting to only enable OTP without a
password. Is there a way to change the sshd_config AuthenticationMethods
to only allow OTP + ssh-pubkey. Does this instead require a change to one
of the pam files?
Thanks,
Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160830/cea6e701/attachment.htm>
More information about the Freeipa-users
mailing list