Il 24/06/24 16:54, Stephen Smoogen ha
scritto:
The corner case which makes this ineffective is ...
Sure, system security is affected by user actions too, but considering that the alternative is to have the vast majority of users will continue ignoring 2FA because it is not handy, using something in the background which is already present on the PC without requiring more actions from the user I think it would encourage the adoption of 2FA.
I don't know if there's a way to use the ssh keys to act as second factor, or maybe the kerberos authentication process with just the plain password could be encapsulated in a session encrypted with the key pair?
Mattia
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
