From b015b9954cd710d1bc9fffb04a758c1fd579cc5c Mon Sep 17 00:00:00 2001
From: w4tsn <a.wellbrock@mailbox.org>
Date: Feb 26 2023 10:52:18 +0000
Subject: pages/yubikey: add warning about online auth method


---

diff --git a/modules/ROOT/pages/using-yubikeys.adoc b/modules/ROOT/pages/using-yubikeys.adoc
index 7939402..be0b847 100644
--- a/modules/ROOT/pages/using-yubikeys.adoc
+++ b/modules/ROOT/pages/using-yubikeys.adoc
@@ -1,7 +1,7 @@
 = Using YubiKeys with Fedora
 The Fedora docs team
 :revnumber: unknown
-:revdate: 2023-02-12
+:revdate: 2023-02-26
 :category: Using
 // :tags: From Source
 
@@ -68,6 +68,11 @@ auth       sufficient     pam_yubico.so id=[Your API Client ID] key=[Your API Cl
 Note that the key is optional but without it there is no TLS verification which makes this susceptible to MitM attacks by default. Obtain a key at https://upgrade.yubico.com/getapikey[Yubico].
 ====
 
+[CAUTION]
+====
+Note that the online auth method won't work if the device is offline and can't reach the YubiCloud.
+====
+
 [NOTE]
 ====
 If you have SELinux on the enforcing mode (the default mode), you should flip on the allow_ypbind boolean first, because pam_yubico needs to be able to connect to Yubico's online authentication. servers.