Ability to add webauthn/passkey authentication for the web interface #20389
Labels
Comments
|
We use PAM for authentication so if you configure totp with Yubikey you should be able to get 2fa in Cockpit. This is a duplicate of #15860 |
|
2FA/TOTP with a YubiKey isn't the same as using Webauthn with a Yubikey. |
|
Overlooked that, but regardless implementing passkey/webauthn is a lot of work afaik there are no off the shelve solutions for this. |
|
Modern browsers provide a built in API https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API |
|
As for the backend, webauthn data is commonly sent as a JSON Web Token (JTW), and most modern backend web frameworks have a single-line solution to verify JWTs. https://jwt.io/libraries |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Since right now all it takes to get in through the web interface is a username & password, being able to enforce the use of something like a Yubikey (like I do with my ssh keys) would be great.
The text was updated successfully, but these errors were encountered: