2factor auth

Tristan Santore tristan.santore at internexusconnect.net
Tue Oct 18 15:25:05 UTC 2011 

On 18/10/11 16:23, Stephen Gallagher wrote:
> On Tue, 2011-10-18 at 08:19 -0400, Stephen Gallagher wrote:
>> On Tue, 2011-10-18 at 00:27 -0400, seth vidal wrote:
>>> On Mon, 2011-10-17 at 22:50 +0100, Tristan Santore wrote:
>>>> On 17/10/11 22:11, seth vidal wrote:
>>>>> The biggest problems with the yubikeys is:
>>
>> It might be of interest to this mailing list to be made aware of some
>> work being done jointly between the SSSD, FreeIPA, MIT Kerberos and
>> Yubico development teams.
>>
>> The plan is for SSSD and FreeIPA to support (via extensions made to MIT
>> Kerberos) Yubikey as a mechanism for acquiring a Kerberos TGT from
>> FreeIPA. We have a proof-of-concept already available (demonstrated at
>> this past Red Hat Summit) and work is ongoing on this.
>>
>> It might be worth revisiting the discussion about a potential FAS3 built
>> atop the upcoming FreeIPA v3 (which will have this support).
>> _______________________________________________
>> infrastructure mailing list
>> infrastructure at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
> 
> 
> Replying to myself:
> I want to draw attention to the  https://fedorahosted.org/AuthHub/
> project and diagrams there.
> 
> We're planning to support multiple pluggable OTP methods, which would
> make it possible to A) roll it out gradually and B) make it possible to
> select which approach works better for a particular contributor (e.g.
> Yubikey vs. smartphone app).
> 
> I'd like to suggest that Fedora Infrastructure become involved in the
> AuthHub project directly and help guide this effort.
> 
> 
> 
> _______________________________________________
> infrastructure mailing list
> infrastructure at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
Stephen, please refrain from reading my mind, before I hit the send
button. Haha. And thanks for the link.

Regards,
Tristan

-- 
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore at internexusconnect.net

Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)

For Fedora related issues, please email me at:
TSantore at fedoraproject.org

More information about the infrastructure mailing list