On Fri, Jul 24, 2015 at 12:42:51PM -0600, Chris Murphy wrote: > OK so you're suggesting this only get provisioned with MFA if the user > enables SSH in the GNOME GUI? If it's enabled via systemctl then it's > just password only, and no MFA? Because if MFA is required then there Right, unless you configure multi-factor by hand. My specific concer is that there's a relatively easy to access switch which opens up the system to more exposure than may be immediately obvious. I think the idea of forcing a password change when this switch is toggled has some problems. Maybe adding some more explanatory text to the dialog for enabling "Remote login" could help, but I'm skeptical about that too; hence this suggestion. -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
