Seguridad

Biblioteca 'sss_simpleifp' obsoleta anteriormente (los paquetes 'libsss_simpleifp' y 'libsss_simpleifp-devel') han sido eliminados.

La característica enumeration proporciona la habilitad de listar todos los usuarios o grupos mediante getent passwd o getent group sin argumentos para los proveedores Active Directory (ad), FreeIPA (ipa) y LDAP (ldap). El soporte para la función de enumeración está obsoleto para los proveedores AD y FreeIPA y podría eliminarse en futuras versiones.

In Fedora 39, users are able to log in a system enrolled into a centralized identity management solution using a passkey device connected to the system, and they will also get a Kerberos ticket to identify myself to other services. (For the purpose of this feature, the passkey is a FIDO2 compatible device supported by the libfido2 library.)

Passwordless and Multi-Factor Authentication (MFA) are becoming increasingly popular. Protocols like PIV and FIDO2 are becoming a must for organizations that want to secure their digital assets. These protocols lay the ground to secure authentication in the Zero Trust Architecture (ZTA), a framework that is recommended, and even required in several domains.

This feature provides a way to authenticate a user using a passkey device in centralized environments, thus improving the overall security of the system and the organization. Fedora is the first Linux distribution to include it.

For more information, see the SSSD v2.9.0 release notes and FreeIPA v4.11.0-beta Release Notes.