subject:"Re\: \[Freeipa\-users\] Two Factor = SSHKeys \+ OTP or Password"

Re: [Freeipa-users] Two Factor = SSHKeys + OTP or Password

2015-12-23 Thread Yogesh Sharma

Thanks. After upgrading the openssh to 6.1 and using AuthenticationMethod,
it works.

-Yogesh Sharma

(Sent from my HTC)
On 22-Dec-2015 8:51 pm, "Sumit Bose"  wrote:

> On Tue, Dec 22, 2015 at 06:51:25PM +0530, Yogesh Sharma wrote:
> > Hi List,
> >
> > Did not see any options for SSH Keys + OTP or Password, However would
> like
> > to know if it is possible with FreeIPA user.
> >
> > With Generic SSH , We can use use AuthenticationMethods, but not sure
> where
> > to check in FreeIPA.
>
> I think there is nothing specific about FreeIPA here. If you set on a
> IPA client 'AuthenticationMethods = publickey,password' in sshd_config,
> sshd will check the ssh key first and then ask the user for a password.
>
> If the user is configured to use OTP on the IPA server then you have to
> enter not only the password but the OTP token as well.
>
> HTH
>
> bye,
> Sumit
>
> >
> >
> >
> >
> > *Best Regards,*
> >
> > *__*
> >
> > *Yogesh Sharma*
> > *Email: yks0...@gmail.com  | Web: www.initd.in
> >  *
> >
> > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> >
> >    
> > 
> > 
>
> > --
> > Manage your subscription for the Freeipa-users mailing list:
> > https://www.redhat.com/mailman/listinfo/freeipa-users
> > Go to http://freeipa.org for more info on the project
>
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Two Factor = SSHKeys + OTP or Password

2015-12-22 Thread Sumit Bose

On Tue, Dec 22, 2015 at 06:51:25PM +0530, Yogesh Sharma wrote:
> Hi List,
> 
> Did not see any options for SSH Keys + OTP or Password, However would like
> to know if it is possible with FreeIPA user.
> 
> With Generic SSH , We can use use AuthenticationMethods, but not sure where
> to check in FreeIPA.

I think there is nothing specific about FreeIPA here. If you set on a
IPA client 'AuthenticationMethods = publickey,password' in sshd_config,
sshd will check the ssh key first and then ask the user for a password.

If the user is configured to use OTP on the IPA server then you have to
enter not only the password but the OTP token as well.

HTH

bye,
Sumit

> 
> 
> 
> 
> *Best Regards,*
> 
> *__*
> 
> *Yogesh Sharma*
> *Email: yks0...@gmail.com  | Web: www.initd.in
>  *
> 
> *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> 
>    
> 
> 

> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Two Factor = SSHKeys + OTP or Password

Re: [Freeipa-users] Two Factor = SSHKeys + OTP or Password

2 matches

Site Navigation

Mail list logo

Footer information