Fix code block and other minor fixes
This commit is contained in:
parent
db12e729a7
commit
d79e0cd4ff
1 changed files with 6 additions and 7 deletions
|
@ -162,8 +162,7 @@ a new set of recovery codes with SSH.
|
|||
1. Run `ssh git@gitlab.example.com 2fa_recovery_codes`.
|
||||
1. You are prompted to confirm that you want to generate new codes. Continuing this process invalidates previously saved codes.
|
||||
|
||||
```
|
||||
bash
|
||||
```sh
|
||||
$ ssh git@gitlab.example.com 2fa_recovery_codes
|
||||
Are you sure you want to generate new two-factor recovery codes?
|
||||
Any existing recovery codes you saved will be invalidated. (yes/no)
|
||||
|
@ -208,17 +207,17 @@ Sign in and re-enable two-factor authentication as soon as possible.
|
|||
- You need to take special care to that 2FA keeps working after
|
||||
[restoring a GitLab backup](../../../raketasks/backup_restore.md).
|
||||
- To ensure 2FA authorizes correctly with TOTP server, you may want to ensure
|
||||
your GitLab server's time is synchronized via a service like NTP. Otherwise,
|
||||
your GitLab server's time is synchronized via a service like NTP. Otherwise,
|
||||
you may have cases where authorization always fails because of time differences.
|
||||
- The GitLab U2F implementation does _not_ work when the GitLab instance is accessed from
|
||||
multiple hostnames, or FQDNs. Each U2F registration is linked to the _current hostname_ at
|
||||
the time of registration, and cannot be used for other hostnames/FQDNs.
|
||||
|
||||
For example, if a user is trying to access a GitLab instance from `first.host.xyz` and `second.host.xyz`:
|
||||
For example, if a user is trying to access a GitLab instance from `first.host.xyz` and `second.host.xyz`:
|
||||
|
||||
- The user logs in via `first.host.xyz` and registers their U2F key.
|
||||
- The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
|
||||
- The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
|
||||
- The user logs in via `first.host.xyz` and registers their U2F key.
|
||||
- The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
|
||||
- The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
|
||||
the U2F key has only been registered on `first.host.xyz`.
|
||||
|
||||
[Google Authenticator]: https://support.google.com/accounts/answer/1066447?hl=en
|
||||
|
|
Loading…
Reference in a new issue