Forwarding for the FreeIPA Team: --------------------------------------- The FreeIPA team is happy to welcome you to a Fedora Test Day that is being held on Thursday, June 6th. We invite you to take part in testing of the new OTP authentication feature that will become available in upcoming FreeIPA 3.2 upstream release and will be a part of Fedora 19. The feature is based on the new extended capabilities of the MIT Kerberos [1] and 389 directory server [2]. The feature would allow users to authenticate against FreeIPA and acquire Kerberos tickets using either OTP tokens issued by 3rd party vendors or by FreeIPA server itself. In the case the token is provided by a 3rd party vendor like RSA, VASCO, Yubico, etc. the authentication data is forwarded to the external authentication server over RADIUS protocol. In this scenario user input is supposed to consist of the two factors as prescribed by the vendor and will be handled by the external server. In case the OTP token is issued by FreeIPA itself the user can authenticate using two factors one of which is his Kerberos password and another one is a token issued for him. A token can be provisioned to his mobile device and used via Google authenticator app. This is an initial phase of the first ever integrated two factor authentication solution leveraging Kerberos SSO. When complete, users will be able to authenticate using different authentication methods and acquire tickets that will allow them to access different services within the enterprise depending on the strength of their authentication. More detailed information about the feature can be found here: https://fedoraproject.org/wiki/Features/FreeIPA_Two_Factor_Authentication To read more about the test day and suggested tests see the following link https://fedoraproject.org/wiki/Test_Day:2013-06-06_FreeIPA_Two_Factor_Authentication Thank you for your help and participation! FreeIPA team [1] http://k5wiki.kerberos.org/wiki/Projects/OTPOverRADIUS [2] https://github.com/nkinder/otp_plugin _______________________________________________ test-announce mailing list test-announce@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/test-announce -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
