-
Story
-
Resolution: Done
-
Major
-
RH362 - RHEL 7.4 1 20180531
-
None
-
ILT
-
en-US (English)
URL:
Reporter RHNID:
Section: -
Language: en-US (English)
Workaround:
Description: This section is trying to discuss 2 separate topics:
1. Single Sign-on which is a Kerberos feature (even when a smart card is added relying on PKINIT).
2. One-Time Passwords used as part of Two-Factor Authentication
In my opinion, the 1st topic should be moved to the Kerberos chapter (ch.3). Configuring Firefox for Kerberos authentication has already been discussed there (p.115) but using a machine that was not a domain member. The guided exercise that follows here deals with a Kerberos-authenticated Squid proxy service which also belongs in ch.3.
Use this section to focus on One-Time Passwords and likewise the guided exercise should be dedicated to this single topic. You could enhance both the narrative and the exercise by showing that GDM and ssh logins also support OTP. It's not just for browser-based applications.