Hello, I'm running FreeIPA version 3.3.4. I've done a little research, and it seems like this version is missing support for OTP, but I could have sworn that I found a page that said that OTP was finished and ready to use. And in the server installation logs, I found some references to 'ipa-otpd'.
I also remember reading about an otp plugin for FreeIPA, but it doesn't seem to be installed on my server. Our case is that we want to require OTP codes for SSH authentication. Even for public key authentication, we would like to add a ForceCommand directive to ssh config that would require the OTP code. It would be awesome if that could be configured on a per-server basis in FreeIPA. Is OTP production ready? I found the 'Red Hat Test Day' page where people were testing OTP. If 3.3.4 doesn't support OTP, I'm happy to compile from source. Where can I find the source / branch with the most current OTP features? Will it be included in 4.0.0? Or should I checkout the 'otpui'  branch on GitHub? Very keen to start using the feature, and I'd be happy to help report and fix any bugs. But at the same time, I don't want to compromise our security if this feature hasn't been properly audited, so advice would be appreciated. Thanks, Nathan  https://github.com/npmccallum/freeipa/commits/otpui
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users