Hello,
We are implementing OTP for a new deployment and we can log in with the otp codes however when trying to sudo it fails. We would like to use the 2fa to log in but single factor is ok for sudo escalation. Is OTP supposed to be getting involved when issuing sudo commands?
bob@ipa-client1$ sudo cat /etc/resolv.conf First Factor: Second Factor: Sorry, try again. First Factor: sudo: 1 incorrect password attempt
ipa-server-dns-4.5.0-21.el7_4.2.2.noarch python-libipa_hbac-1.15.2-50.el7_4.6.x86_64 python-ipaddress-1.0.16-2.el7.noarch ipa-common-4.5.0-21.el7_4.2.2.noarch ipa-client-common-4.5.0-21.el7_4.2.2.noarch python2-ipalib-4.5.0-21.el7_4.2.2.noarch ipa-server-common-4.5.0-21.el7_4.2.2.noarch ipa-client-4.5.0-21.el7_4.2.2.x86_64 libipa_hbac-1.15.2-50.el7_4.6.x86_64 python2-ipaclient-4.5.0-21.el7_4.2.2.noarch python2-ipaserver-4.5.0-21.el7_4.2.2.noarch sssd-ipa-1.15.2-50.el7_4.6.x86_64 python-iniparse-0.4-9.el7.noarch ipa-server-4.5.0-21.el7_4.2.2.x86_64
Sean Hogan