Skip to content

Add support for Hardware Key PIN#31743

Merged
Joerger merged 14 commits intomasterfrom
joerger/piv-pin-policy
Oct 13, 2023
Merged

Add support for Hardware Key PIN#31743
Joerger merged 14 commits intomasterfrom
joerger/piv-pin-policy

Conversation

@Joerger
Copy link
Copy Markdown
Contributor

@Joerger Joerger commented Sep 12, 2023
edited
Loading

I recommend reviewing commit by commit.

Changes:

  • Update RFD 80 to cover changes below
  • Simplify policy/mfa logic to make the changes below smaller
  • Add require MFA types hardware_key_pin and hardware_key_touch. Like the existing hardware_key_touch, these types count as a replacement for MFA verification for per-session MFA and admin actions MFA.
  • Add support for PIV pin policies:
    • Prompt for PIN when needed
    • Require user pins to be non-default - prompt for new PIN when the default is given by the user.

Based off of #32275

@Joerger Joerger changed the base branch from joerger/refactor-hardware-key-mfa-verification to joerger/piv-pin-policy-base September 12, 2023 01:36
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch 2 times, most recently from 4a5c870 to e9775e2 Compare September 15, 2023 02:17
@Joerger Joerger marked this pull request as ready for review September 15, 2023 02:23
@github-actions github-actions Bot added rfd Request for Discussion size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Sep 15, 2023
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch 4 times, most recently from 56efe16 to 0b7b62a Compare September 15, 2023 21:05
@Joerger Joerger mentioned this pull request Sep 18, 2023
Closed
@Joerger Joerger force-pushed the joerger/piv-pin-policy-base branch from 3e3d458 to 3504aa1 Compare September 20, 2023 00:54
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch 2 times, most recently from 32f914a to 157792b Compare September 20, 2023 01:28
@Joerger Joerger force-pushed the joerger/piv-pin-policy-base branch from 7aeaa0d to 43eb67e Compare September 20, 2023 23:46
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch 2 times, most recently from e11026a to 157a6f7 Compare September 21, 2023 00:01
This was referenced Sep 21, 2023
Merged
Merged
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch from 157a6f7 to 28273c3 Compare September 27, 2023 19:58
@Joerger Joerger changed the base branch from joerger/piv-pin-policy-base to joerger/custom-piv-slot September 27, 2023 19:58
@Joerger Joerger removed the request for review from klizhentas September 27, 2023 19:59
@Joerger Joerger force-pushed the joerger/piv-pin-policy branch from 608b436 to 1e41ef0 Compare October 13, 2023 18:15
@Joerger Joerger added this pull request to the merge queue Oct 13, 2023
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Oct 13, 2023
@Joerger Joerger added this pull request to the merge queue Oct 13, 2023
Merged via the queue into master with commit c0b3299 Oct 13, 2023
@Joerger Joerger deleted the joerger/piv-pin-policy branch October 13, 2023 19:26
@Joerger Joerger mentioned this pull request Oct 13, 2023
Merged
Joerger added a commit that referenced this pull request Oct 13, 2023
@Joerger
Add support for Hardware Key PIN (#31743)
924c358
Joerger added a commit that referenced this pull request Oct 14, 2023
@Joerger
[v14] Add support for Hardware Key PIN and WebUI (#33478)
e9f766f 
* Add support for Hardware Key PIN (#31743)

* Enable hardware key support in the WebUI (#33483)
Joerger added a commit that referenced this pull request Oct 16, 2023
@Joerger
[v14] Add support for Hardware Key PIN and WebUI (#33478)
597da55 
* Add support for Hardware Key PIN (#31743)

* Enable hardware key support in the WebUI (#33483)
github-merge-queue Bot pushed a commit that referenced this pull request Oct 16, 2023
@Joerger
[v14] Configure custom PIV slot for hardware key support - follow up (#…
cd75cbd 
…33353)

* Remove deprecate function; update e ref. (#32275)

* [v14] Add support for Hardware Key PIN and WebUI (#33478)

* Add support for Hardware Key PIN (#31743)

* Enable hardware key support in the WebUI (#33483)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@codingllama codingllama codingllama approved these changes

@r0mant r0mant r0mant approved these changes

@capnspacehook capnspacehook Awaiting requested review from capnspacehook

@rosstimothy rosstimothy Awaiting requested review from rosstimothy

+1 more reviewer

@jentfoo jentfoo jentfoo approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

rfd Request for Discussion size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Joerger @codingllama @r0mant @jentfoo