Attending this event?
Back To Schedule
Saturday, June 17 • 12:30pm - 1:05pm
FIDO2 authentication for centrally managed users

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Passwordless and multi-factor authentication (MFA) are becoming a trend and their usage will increase in the near future. However, most of the solutions target the web/online pattern, or the local users, thus leaving centralized identity management for console and POSIX system applications lacking those capabilities.
Over the last year FreeIPA and SSSD have been working on enabling FIDO2/WebAuthn support for centrally managed users with LDAP servers. The user will be able to authenticate locally to a system with a FIDO2 key, and they will be granted a Kerberos ticket. This opens a new world to organizations to tighten their security, while maintaining strict control as to who access their systems.
This talk will focus on the progress in FIDO2/WebAuthn authentication in SSSD and FreeIPA by providing the feature context, the implementation state, a high-level overview of the solution and a live demo. Additional information on the possible expansion of the solution will also be provided.

avatar for Iker Pedrosa

Iker Pedrosa

Senior Software Engineer, Red Hat
Iker is a Software Engineer, helping tech companies build the products of the future. He has a great expertise in developing solutions for the manufacturing industry (automotive, 3D printing, etc.).

Saturday June 17, 2023 12:30pm - 1:05pm CEST
E104 | Talks
Feedback form isn't open yet.