Fedora Security FAD: The Results

Well, I think it was quite successful. Probably the most successful Fedora Activity Day I’ve attended. Many things were accomplished toward the goal of two-factor authentication within Fedora Infrastructure:

  • Installed and configured totpcgi authentication on the staging environment. This performs the verification from the clients. There will be several servers doing authentication to prevent a single point of failure.
  • Installed and configured pam_url on each staging client with the intent of connecting to the authentication servers.
  • Enabled yubikey as an alternate second factor.
  • Reviewed RPMs for pam_url and totpcgi (and a few others to help along the way)
  • Setup the totpcgi provisioning web page for google authenticator
  • Fixed fun bugs in pam_url
  • Wrote documentation on how to setup authentication.

A few things were accomplished that were not part of the goals, but good stuff nonetheless:

While I didn’t participate in all of the above activities, I was definitely involved in many of them. It turns out, everyone there was fairly involved at the FAD. It was fun to watch everyone come together to solve this issue. Everyone seemed to have a good sense of satisfaction accomplishing the goals.



This entry was posted in FAD, Fedora, Tech and tagged , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *