2FA with krb5
Ken Hornstein
kenh at cmf.nrl.navy.mil
Thu Oct 7 14:35:35 EDT 2021
>I've been running Privacyidea (https://www.privacyidea.org/) for some
>time to manage the tokens. Exposed the Application with RADIUS and told
>FreeIPA to authenticate against RADIUS. Had some rough edges, but was
>usable for me and is able to manage many kinds of tokens.
So what's the _client_ look like? Specifically, are you doing FAST-OTP?
If so, what client software are you using? Does this only work on
systems with host keys, or do you do anonymous PKINIT?
--Ken
More information about the Kerberos
mailing list