Differences

This shows you the differences between two versions of the page.

--- userdoc:gitolite_2fa [2015-10-28 03:53]
mricon
+++ userdoc:gitolite_2fa [2017-05-23 20:59]
mricon
@@ Line 8: / Line 8: @@
 |**enroll** //[mode]//|Enroll with 2-factor authentication (mode=totp or yubikey)|
 |**val** //[token]//|Validate your current IP address for 24 hours|
+|**val-session** //[token]//|Validate your current ssh ControlMaster session|
 |**val-for-days** //[days]// //[token]//|Validate your current IP address for arbitrary number of days (max=30)|
 |**val-subnet** //[/cidr]// //[token]//|Validate a larger subnet for 8 hours|
@@ Line 57: / Line 58: @@
 The only HOTP devices currently tested and supported are yubikeys. Any of the currently listed products should support HOTP authentication:
-  * [[http://www.yubico.com/products/yubikey-hardware/yubikey/|Standard]] (cheapest)
+  * [[https://www.yubico.com/products/yubikey-hardware/yubikey4/|Yubikey 4]] either standard or Nano form-factors (also supports OpenPGP functionality)
-  * [[http://www.yubico.com/products/yubikey-hardware/yubikey-nano/|Nano]] (smallest)
-  * [[http://www.yubico.com/products/yubikey-hardware/yubikey-neo/|NEO]] (also works as an OpenPGP card)
-We recommend the NEO, as you can also configure it as an [[https://github.com/herlo/ssh-gpg-smartcard-config/blob/master/YubiKey_NEO.rst|OpenPGP card]], but laptop users may find that using the Nano is more comfortable.
+Laptop users may find that using the Nano form factor is more comfortable.
 ===== Provisioning your 2-factor token =====

Kernel.org metawiki

User Tools

Site Tools

Differences

Page Tools