Greetings, I can't seem to find solid documentation on whether or not MIT's KDC has functionality supporting the use of the "requires_hwauth" attribute. Although the attribute is documented, I don't see any references to how it would be configured on the back end. Is there documentation available discussing how hardware auth can be set up, or how kerberos should be extended to support it?
To what extent does v1.5 (or 1.6) support setting that attribute on principals? And how does the attribute affect policy settings? Since hardware auth can include OTP tokens, should a separate policy be created that doesn't enforce password lifetimes? URLs to documentation/examples would be greatly appreciated. Romain Komorn ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
