How to force 2FA(Password + OTP) on IPA Clients for ssh authentications

Solution Verified - Updated -

Issue

  • Identity Management Administrators may need to require some user accounts to access IPA clients with multifactor authentication or MFA (like password and totp (token-based one time password) or hotp (hmac one time password).
  • This article examines how to configure an IPA client for SSH authentication using OTP.

Environment

  • Red Hat Enterpise Linux 7, 8, and 9
  • Red Hat Identity Management (IdM)
  • IPA Client
  • OpenSSH

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content