Multi Factor Authentication with SSH: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 14: | Line 14: | ||
ChallengeResponseAuthentication yes | ChallengeResponseAuthentication yes | ||
UsePAM yes | UsePAM yes | ||
'''NOTE''' that this setup will allow users to bypass the MFA setup when using '''public keys''' | |||
Revision as of 11:53, 23 December 2020
This is howto setup MFA using the Google Authenticator.
Installation
- Only one package is required to install:
apt install libpam-google-authenticator
Default Setup
- Configuration /etc/pam.d/sshd
Put the following sting underneath of @include common-auth
auth required pam_google_authenticator.so
- Configuration /etc/ssh/sshd_config
LogLevel DEBUG3 PasswordAuthentication no ChallengeResponseAuthentication yes UsePAM yes
NOTE that this setup will allow users to bypass the MFA setup when using public keys