You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/how-to/log-in-using-a-smart-card.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -152,7 +152,7 @@ You can check this:
152
152
153
153
### Disclaimer
154
154
155
-
SSSD is the default authentication daemon in Ubuntu it and supports various identity managers. Configuring them (such as FreeIPA, LDAP, Kerberos and others) is out the scope of this guide, but you can refer to [`man sssd.conf`](https://manpages.ubuntu.com/manpages/jammy/en/man5/sssd.conf.5.html) and [SSSD official documentation](https://sssd.io/docs/introduction.html) for further reference on the topic.
155
+
SSSD is the default authentication daemon in Ubuntu it and supports various identity managers. Configuring them (such as FreeIPA, LDAP, Kerberos and others) is out the scope of this guide, but you can refer to [`man sssd.conf`](https://manpages.ubuntu.com/manpages/noble/en/man5/sssd.conf.5.html) and [SSSD official documentation](https://sssd.io/docs/introduction.html) for further reference on the topic.
156
156
157
157
For the purpose of this guide, we're going to show how SSSD should be configured for local user access, that is still something useful to enhance the security of a desktop computer, so that the user login is protected by a stronger authentication mechanism.
158
158
@@ -344,7 +344,7 @@ pam_cert_auth = True
344
344
```
345
345
346
346
In general what's in the configuration file will affect the way SSSD will call the `p11_child` tool (that is the one in charge for the actual authentication).
347
-
Check [`man sssd.conf`](https://manpages.ubuntu.com/manpages/jammy/en/man5/sssd.conf.5.html) for details.
347
+
Check [`man sssd.conf`](https://manpages.ubuntu.com/manpages/noble/en/man5/sssd.conf.5.html) for details.
348
348
349
349
Every time the configuration is changed SSSD should be restarted (`systemctl restart sssd`).
These GSettings can be locked for users so that for example it's possible to use smart cards only to login but they are disabled for unlock, or to ensure that user can't disable smart card authentication for unlocking.
400
400
401
401
:::{note}
402
-
This is done through the GNOME `dconf` locking system. You can read more about this at [`man dconf.7`](https://manpages.ubuntu.com/manpages/jammy/en/man7/dconf.7.html) or in the [GNOME documentation](https://help.gnome.org/admin/system-admin-guide/stable/dconf-lockdown.html.en).
402
+
This is done through the GNOME `dconf` locking system. You can read more about this at [`man dconf.7`](https://manpages.ubuntu.com/manpages/noble/en/man7/dconf.7.html) or in the [GNOME documentation](https://help.gnome.org/admin/system-admin-guide/stable/dconf-lockdown.html.en).
403
403
:::
404
404
405
405
An example to configure it could be:
@@ -524,7 +524,7 @@ Valid values are `none`, `lock-screen` or `force-logout`.
524
524
This value can be locked down at user level by system administrators
525
525
526
526
:::{note}
527
-
This is done through the GNOME `dconf` locking system. You can read more about this at [`man dconf.7`](https://manpages.ubuntu.com/manpages/jammy/en/man7/dconf.7.html) or in the [GNOME documentation](https://help.gnome.org/admin/system-admin-guide/stable/dconf-lockdown.html.en).
527
+
This is done through the GNOME `dconf` locking system. You can read more about this at [`man dconf.7`](https://manpages.ubuntu.com/manpages/noble/en/man7/dconf.7.html) or in the [GNOME documentation](https://help.gnome.org/admin/system-admin-guide/stable/dconf-lockdown.html.en).
0 commit comments