#3264 [RFE] Make 2FA prompting configurable
Closed: Fixed 2 years ago by jhrozek. Opened 4 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1402056

Description of problem:
Currently when 2-factor authentication is configured on the server side SSSD
prompts for:

    First Factor:
    Second Factor:

To be able to change the prompts to give the user a better hint what to enter
in a given environment or to short-cut it to a single prompt where both factors
are entered in a single string new config options should be added to sssd.conf.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD Future releases (no date set yet)

4 years ago

Metadata Update from @jhrozek:
- Custom field mark reset (from no)
- Custom field review reset (from True)
- Custom field sensitive reset (from 0)
- Issue close_status updated to: None
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD Future releases (no date set yet))

4 years ago

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue tagged with: RFE

4 years ago

When implementing this change, please be mindful about ticket #3438 and check the discussion there!

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)

4 years ago

Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)

4 years ago

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue tagged with: postpone-to-2-0

3 years ago

Being able to modify the change password prompts, or include helper text (e.g. multi-line text describing the password policy) could also be useful.

(this kind of matches the banner and pwhelp arguments for pam_krb5)

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue untagged with: postpone-to-2-0
- Issue set to the milestone: SSSD 2.0 (was: SSSD 1.16.1)

3 years ago

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue set to the milestone: SSSD 2.1 (was: SSSD 2.0)

3 years ago

Jumping in from #3888

{quote}
Please, allow this for ssh connections (and sudo, ok, all sssd authorised services :) ) too. We have per host 2FA and we'd like to remove the "Second Factor (optional):" prompt from those hosts that do not require 2FA.
{quote}

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue set to the milestone: SSSD 2.2 (was: SSSD 2.1)

2 years ago

Metadata Update from @sbose:
- Issue assigned to sbose

2 years ago

Metadata Update from @sbose:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)

2 years ago

Commit 45efba7 relates to this ticket

Commit a4d1785 relates to this ticket

Commit fc26b4a relates to this ticket

Commit ac4b33f relates to this ticket

Commit fa8ef7c relates to this ticket

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)

2 years ago

Metadata Update from @jhrozek:
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4297

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata