If the article starts to get too long, I think the editors would
support breaking it into two articles. But everyone was a strong +1
for the idea.
Michael, go ahead and draft it and we'll go from there. Thanks for
the excellent contribution!
On Wed, Oct 03, 2018 at 12:24:54PM -0700, Link Dupont wrote:
> This sounds *excellent*! I can see this even being a multi-part series.
>
> On Wed, Oct 3, 2018 at 11:44 AM, Michael Erwin <michael.t.erwin(a)gmail.com>
> wrote:
> >
> > Pitch: Improving your login security with Fedora challenge-
> > response authentication
> >
> > Summary: Setting up Fedora with HW Keys for Local Challenge-
> > Response Secure Logins using available repository packages
> >
> > Description: The purpose of this article would be to describe what a
> > Challenge-Response login is, and how the reader can setup their Fedora
> > workstation to accept challenge-response logins for PAM in Fedora
> > 27/28/29. The article would educate the users while performing a step
> > by step setup of challenge-response authentication via PAM for sudo and
> > GDM login. This article would promote using a local challenge-response
> > authentication via a HW token/key/card for securing the users Fedora
> > workstation.
> >
> > Article flow would be as follows:
> >
> > * What is Challenge-Response Security and how does it work?
> > * What is the difference between local and remote challenge
> > response?
> > (For remote OATH, will refer to Imacken's 27-
> > Jan-2017 and Fedora Wiki articles)
> > * Guiding principles to selecting HW security keys'
> > * Configuration and verification testing of HW keys
> > * Downloading, installing and configuring challenge-response
> > repository packages
> > * Safely testing and verifying challenge-response
> > authentication with sudo
> > * Implementing GDM Login challenge-response on Fedora
> >
> >
> > Thoughts, critiques and comments are most welcome,