From Fedora Project Wiki


Check if the user is not able to login after FIDO2/passkey auth method is removed


  1. Add a LDAP, IPA and AD user with passkey_mapping.
  2. Setup SSSD client with FIDO2/passkey.
  3. Enroll replica and client to the server
  4. Remove the FIDO2/passkey auth method on the Server

How to test

  1. Check authentication of the user using su on server, replica and client

Expected Results

  1. User is not able to authenticate on server, replica nor client