Hello, Is it possible to authenticate a user with only OTP and ssh-pubkeys?
So far I have successfully configured FreeIPA to use Two factor authentication (password + OTP). I had to change the sshd_config to achieve this by modifying the AuthenticationMethods to be: AuthenticationMethods publickey,password:pam publickey,keyboard-interactive-pam In this way the user's ssh-pubkey, password, and OTP are required to login. I would like to remove the password requirement but retain the OTP auth. >From the FreeIPA web UI there is no setting to only enable OTP without a password. Is there a way to change the sshd_config AuthenticationMethods to only allow OTP + ssh-pubkey. Does this instead require a change to one of the pam files? Thanks, Alex
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
