Passwordless and MFA are becoming a trend and their usage will increase in the near future. Passkey authentication covers this feature for centrally managed users in Linux environments. For the last two years FreeIPA and SSSD have been working on enabling FIDO2/WebAuthn support for centrally managed users with LDAP servers. The user will be able to authenticate locally to a system with a FIDO2 key, and they will be granted a Kerberos ticket. This opens a new world to organizations to tighten their security, while maintaining strict control as to who access their systems. This talk will present the context of the problem, and the proposed solution, including a live demo.