>I've been running Privacyidea (https://www.privacyidea.org/) for some >time to manage the tokens. Exposed the Application with RADIUS and told >FreeIPA to authenticate against RADIUS. Had some rough edges, but was >usable for me and is able to manage many kinds of tokens.
So what's the _client_ look like? Specifically, are you doing FAST-OTP? If so, what client software are you using? Does this only work on systems with host keys, or do you do anonymous PKINIT? --Ken ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
