Thanks Toshio for the correction! Best, Mario On 25 October 2011 18:22, Toshio Kuratomi <a.badger@xxxxxxxxx> wrote: > On Tue, Oct 25, 2011 at 11:40:29AM +0200, François Kooman wrote: >> On 10/25/11 10:23 AM, Mario Ceresa wrote: >> > Francois: you should already be able to use yubikey for FAS, bodhi and >> > ssh. You don't need the yubikey prompt: just put your username, go to >> > the password field and then press the key's button. >> > Correction -- ssh will still use ssh keys. There's no option for passwords > in fedora infra anymore so there's also no option to use the yubikey there. > >> Really? That seems weird. If someone takes my key they would be able to >> login? I would expect it to be two-factor authentication (username & >> password + yubikey). >> >> (I'm unable to test right now as I don't have my yubi with me) >> > Correct -- it's not currently two-factor (it's either this or that). We've > been kicking around whether we want to make it two-factor, how we'd do that, > who we'd enforce it upon, etc, for a while... it's hard because we have > several different classes of users with different requirements for each. > > -Toshio > -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
