On Mon, 27 Jul 2015, John Johnson wrote:
I'm not saying that something isn't working for me; I'm going off the information available on https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System-Level_Authentication_Guide/authconfig-addl-auth.html#otp-laptop-users and a thread in this mailing list referencing it. I'm simply trying to understand the particular issue related to the laptop-specific implementation and obstacles as it relates to OTP
No, there is no hardware-specific limitations. What the documentation tries to explain (rather poorly, I agree!) is that a roaming clients like laptops would have some issues when OTP is the only scheme enabled for the user.
This is solved in SSSD 1.13 and both solution and the problem are described in detail in https://fedorahosted.org/sssd/wiki/DesignDocs/PAMConversationForOTP -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project