On Thu, Apr 7 2022 at 12:30:42 PM -0400, Stephen Gallagher <sgallagh@xxxxxxxxxx> wrote:
Well, it *could* grow an interface to some of the password wallet services that support TOTP or HOTP codes (like Bitwarden, Lastpass, 1password, etc.) and configure it to query that service and append the code to the password. It doesn't help if you want/need a physical token, though.
Good idea. Of course we'd probably want to use GNOME Keyring for this (which does not currently support third-party services, but could in the future). I suppose gnome-online-accounts would only need to store the TOTP/HOTP seed and some config data.
In the latter case, someone could investigate adding support for smartcards to GOA and FAS. A request for a TGT could use the pkinit protocol and query your Yubikey for the certificate. I know FAS *could* be made to support this, because it's using FreeIPA behind the scenes and that supports smartcard auth. I have no idea what it would take for GOA, though.
Another good idea. I suppose I was insufficiently creative.... Michael _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
