Passwordless and multi-factor authentication (MFA) are becoming a trend and their usage will increase in the near future. However, most of the solutions target the web/online pattern, or the local users, thus leaving centralized identity management for console and POSIX system applications lacking those capabilities. Over the last year FreeIPA and SSSD have been working on enabling FIDO2/WebAuthn support for centrally managed users with LDAP servers. The user will be able to authenticate locally to a system with a FIDO2 key, and they will be granted a Kerberos ticket. This opens a new world to organizations to tighten their security, while maintaining strict control as to who access their systems. This talk will focus on the progress in FIDO2/WebAuthn authentication in SSSD and FreeIPA by providing the feature context, the implementation state, a high-level overview of the solution and a live demo. Additional information on the possible expansion of the solution will also be provided.
Iker is a Software Engineer, helping tech companies build the products of the future. He has a great expertise in developing solutions for the manufacturing industry (automotive, 3D printing, etc.).
Saturday June 17, 2023 12:30pm - 1:05pm CEST
E104 | Talks
Create a custom schedule.
Take it with you on mobile.
Get listed in the directory.
