MFA without relying on a 3th party? | NetApp | Page 1

fathom sinew Aug 26, 2025, 8:33 AM

#

Hi,

Is there a possibility to do MFA for system manager without having to rely on a 3th party like SAML or OAUTH require?

With ssh, you can use a TOTP. But not for the web interface right?

Thanks
Pieter

charred cosmos Aug 26, 2025, 8:42 AM

#

since 9.16.1 you can use WebAuthn/FIDO2 with System Manager

supple parrot Aug 26, 2025, 10:52 AM

#

Are there any overlap between CLI and System Manager regarding MFA?

manic ivy Aug 26, 2025, 11:11 AM

#

Technically, mfa could be
Password + PublicKey

charred cosmos Aug 26, 2025, 12:16 PM

#

FIDO2 works for both so since 9.16.1 you can use that as unified solution (you need an SSH client that supports CAC though, regular PuTTY doesn't, so either use the PuTTY-CAC fork or, reportedly, a recent OpenSSH client)

#

TR-4647 has all the details on how to set it up

#MFA without relying on a 3th party?