12 Feb
2024
12 Feb
'24
4:13 p.m.
I am using SSSD in LDAP-only mode (no kerberos at all), communicating with FreeIPA. For certain hosts, I want to require sssd to demand OTP.
Right now, they are allowing password OR password+OTP. But my 'ipa show-host' output for the hosts in question have "Authentication Indicators: otp". What do I need to do for sssd to only accept password+OTP ?
Thank you.