Pitch: Improving your login security with Fedora challenge- response authentication Summary: Setting up Fedora with HW Keys for Local Challenge- Response Secure Logins using available repository packages Description: The purpose of this article would be to describe what a Challenge-Response login is, and how the reader can setup their Fedora workstation to accept challenge-response logins for PAM in Fedora 27/28/29. The article would educate the users while performing a step by step setup of challenge-response authentication via PAM for sudo and GDM login. This article would promote using a local challenge-response authentication via a HW token/key/card for securing the users Fedora workstation. Article flow would be as follows: * What is Challenge-Response Security and how does it work? * What is the difference between local and remote challenge response? (For remote OATH, will refer to Imacken's 27- Jan-2017 and Fedora Wiki articles) * Guiding principles to selecting HW security keys' * Configuration and verification testing of HW keys * Downloading, installing and configuring challenge-response repository packages * Safely testing and verifying challenge-response authentication with sudo * Implementing GDM Login challenge-response on Fedora Thoughts, critiques and comments are most welcome, -- -me Michael Erwin michael.t.erwin@xxxxxxxxx This email is RFC 1925 compliant and composed on 99.9% recycled electrons, so please print responsibly. _______________________________________________ Fedora Magazine mailing list -- magazine@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to magazine-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/magazine@xxxxxxxxxxxxxxxxxxxxxxx
