Re: [Freeipa-users] sudo with OTP

2016-03-23 Thread Brad Bendy
Just updated to the testing on F23 and sudo does work, but it prompts for a single password and the single user password work, OTP is not needed or prompted. I still need OTP when I login as my user just not on sudo, is that the correct behavior and if so can that be changed to always require

Re: [Freeipa-users] sudo with OTP

2016-03-23 Thread Brad Bendy
Ignore what I said earlier :) The issue is when I run sudo the lookup appears to still be wanting OTP (even though RADIUS is the only box checked for that user), no matter what I enter it won't go past that first prompt, the request never makes it over to my RADIUS server at all. Standard logins

Re: [Freeipa-users] sudo with OTP

2016-03-23 Thread Brad Bendy
I will upgrade a few machines and test this out, I just got done making a script for RADIUS to handle OTP, I didn't see this e-mail till now! If Password + RADIUS are turned on for the user it looks like it's still doing the first factor prompt, if I don't enable the password option then a LDAP

Re: [Freeipa-users] sudo with OTP

2016-03-23 Thread Lukas Slebodnik
On (22/03/16 10:06), Brad Bendy wrote: >Im having some issues applying these patches with dependencies. But on >a side note, this needs to be applied to the client machines as well >the IPA server itself, correct? > I pushed related sudo patches to fedora yesterday. They are in updates-testing

Re: [Freeipa-users] sudo with OTP

2016-03-22 Thread Brad Bendy
Im having some issues applying these patches with dependencies. But on a side note, this needs to be applied to the client machines as well the IPA server itself, correct? Thanks On Mon, Mar 14, 2016 at 8:54 AM, Brad Bendy wrote: > I see that now, thanks for the link. Ill

Re: [Freeipa-users] sudo with OTP

2016-03-14 Thread Brad Bendy
I see that now, thanks for the link. Ill give those patches a whirl. On Mon, Mar 14, 2016 at 7:49 AM, Sumit Bose wrote: > On Mon, Mar 14, 2016 at 07:28:01AM -0700, Brad Bendy wrote: >> HI, >> >> I have OTP setup and working just fine for logging into any servers, >> when

Re: [Freeipa-users] sudo with OTP

2016-03-14 Thread Sumit Bose
On Mon, Mar 14, 2016 at 07:28:01AM -0700, Brad Bendy wrote: > HI, > > I have OTP setup and working just fine for logging into any servers, > when attempting to run any command with sudo I get a "First factor:" > prompt, I have entered my normal password but it fails. This only > happens when OTP