You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What happened: If you have changed the default auth service configuration when trying to start Teleport in FIPS mode (using teleport start --fips), Teleport will fail to start and say error: non-FIPS compliant authentication setting: "local_auth" must be false
local_auth doesn't appear in our documentation anywhere as far as I can tell so it's hard to know 1) what this setting does and 2) where it should be set.
What you expected to happen: local_auth to appear in the configuration reference.
It goes under auth_service.authentication like this:
auth_service:
authentication:
local_auth: false
It's also worth noting that it's incompatible with the second_factor setting under auth_service.authentication - if you set both in the config, you get this warning: WARN Second factor settings will have no affect because local authentication is disabled. Update file configuration and remove "second_factor" field to get rid of this error message.
How to reproduce it (as minimally and precisely as possible): Set up Teleport with a config where auth_service.authentication has been changed from the default.
Environment:
Teleport version (use teleport version): 4.1.0
The text was updated successfully, but these errors were encountered:
What happened: If you have changed the default auth service configuration when trying to start Teleport in FIPS mode (using
teleport start --fips
), Teleport will fail to start and sayerror: non-FIPS compliant authentication setting: "local_auth" must be false
local_auth
doesn't appear in our documentation anywhere as far as I can tell so it's hard to know 1) what this setting does and 2) where it should be set.It should be described in the configuration section of the admin guide (https://gravitational.com/teleport/docs/admin-guide/#configuration)
What you expected to happen:
local_auth
to appear in the configuration reference.It goes under
auth_service.authentication
like this:It's also worth noting that it's incompatible with the
second_factor
setting underauth_service.authentication
- if you set both in the config, you get this warning:WARN Second factor settings will have no affect because local authentication is disabled. Update file configuration and remove "second_factor" field to get rid of this error message.
How to reproduce it (as minimally and precisely as possible): Set up Teleport with a config where
auth_service.authentication
has been changed from the default.Environment:
teleport version
):4.1.0
The text was updated successfully, but these errors were encountered: