My customer has asked me to work against a SecureID RADIUS server. He wants TFA for remote users.
I'm using RHEL 6.8, in command line mode only (no GUI) and I've identified the agent I should use.
I'm just starting to use this site, so forgive me if the answers are out there but atm I've only found generic documentation
I have some questions that are not clear from the documentation:
Can I log in as root locally without needing the server or TFA?
Can I log in as a local user without needing the server or TFA?
Can the local user run applications without needing the server?
Do I need a token to log in locally? What tokens are suitable?
What if the server is not available?
Do remote users need a local account? (documentation seems to say yes, customer doesn't want that)
How are remote users given UID/GID - presumably that is the reason for local account.
How is something like a Nessus scan with credentials undertaken?