[pmg-devel] [PATCH pmg-docs 2/2] tfa: cleanup PVE specifics
Stoiko Ivanov
s.ivanov at proxmox.com
Mon Nov 29 18:30:01 CET 2021
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
pmgconfig.adoc | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/pmgconfig.adoc b/pmgconfig.adoc
index 68ebae5..79c6415 100644
--- a/pmgconfig.adoc
+++ b/pmgconfig.adoc
@@ -975,8 +975,7 @@ You can set up multiple second factors, in order to avoid a situation in which
losing your smartphone or security key locks you out of your account
permanently.
-The following two-factor authentication methods are available in addition to
-realm-enforced TOTP and YubiKey OTP:
+The following two-factor authentication methods are available:
* User configured TOTP
(https://en.wikipedia.org/wiki/Time-based_One-Time_Password[Time-based One-Time Password]).
@@ -996,8 +995,7 @@ Configuration of Two-Factor
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Users can choose to enable 'TOTP' or 'WebAuthn' as a second factor on login,
-via the 'TFA' button in the user list (unless the realm enforces 'YubiKey
-OTP').
+via the 'TFA' button in the user list.
Users can always add and use one time 'Recovery Keys'.
@@ -1032,7 +1030,7 @@ field and pressing the 'Apply' button.
For WebAuthn to work, you need to have two things:
* A trusted HTTPS certificate (for example, by using
- https://pve.proxmox.com/wiki/Certificate_Management[Let's Encrypt]).
+ xref:sysadmin_certs_get_trusted_acme_cert[Let's Encrypt]).
While it probably works with an untrusted certificate, some browsers may
warn or refuse WebAuthn operations if it is not trusted.
* Setup the WebAuthn configuration (see *User Management -> Two Factor ->
--
2.30.2
More information about the pmg-devel
mailing list