[aur-general] AUR ssh:// click-to-copy URLs don't work
Jelle van der Waa
jelle at vdwaa.nl
Mon Apr 4 08:28:40 UTC 2022
On 04/04/2022 10:21, Hugo Osvaldo Barrera via aur-general wrote:
> On Sun, 3 Apr 2022, at 12:07, Ben Denhartog via aur-general wrote:
>> 2) Use a proper password manager to store your OTPURI and generate the
>> tokens, as well as for storing your recovery codes. I'd recommend
>> gopass if GPG, self management, and VCS sounds appealing, and 1Password
>> if you'd rather have someone else handle the technicals.
>>
>
> Storing the password and the TOTP secret in the same password manager
> moves both factors into the same store, kinda negating the point of using
> two-factor.
>
>> 3) WEB3 aims to provide such decentralized login based on some device
>> you control as you are saying you want. Whether or not it replaces the
>> current authentication model is another matter entirely.
>
> So, something like a Yubikey using WebAuthN/FIDO? This is not uncommon
> online, and very handy since the second factory is a fully-offline
> device which requires a physical tap to log in. I see keycloak DOES
> support this; maybe it's a matter of enabling it?
Our keycloak supports webauthn and TOTP and you can add multiple two
factors. I myself have my both yubikeys (one backup) and phone
configured (aegis). Keycloak is getting support for authenticaton codes
which can be stored on paper (or encrypted usb stick). [1]
https://github.com/keycloak/keycloak/discussions/8518
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20220404/e3ca48a8/attachment.sig>
More information about the aur-general
mailing list