Medium/long-term authentication methods to be supported

[tyll]

There was a request for the Fedora Council to distribute hardware tokens for Fedora contributors:
https://pagure.io/Fedora-Council/tickets/issue/251

To be able to properly decide which hardware tokens make sense, it would be good to know which authentication methods will be supported in Fedora's infrastructure. To clarify:

1. Will there be SSH-key authentication?
2. Who will be able to use 2FA in the future, who will be required to and which 2FA methods will be supported?
3. Which configuration possibilities will noggin support to ensure that accounts for contributors who received a token will always use 2FA?

[abompard]

This is mostly dependent on what FreeIPA can support. It has been discussed in #202 , does this ticket give you the information you need?

[tyll]

This is mostly dependent on what FreeIPA can support. It has been discussed in #202 , does this ticket give you the information you need?

Not really, since it only mentions adding yubikey support - will this be the only one that will be added? It does not mention if SSH key-based authentication will be used or if there will be options to configure 2FA requirements for accounts.

[ryanlerch]

Going to close as a Duplicate of #202

The discussion there is about multiple differenent auth methods in IPA, not just yubikeys.