![2-factor authentication for SSH access in Linux](https://ytimg.googleusercontent.com/vi/8zPR-maW-9I/hqdefault.jpg)
Install Google Authenticator: If you don't have Google Authenticator installed on your Linux system, you can usually do so using your package manager. For example, on Ubuntu or Debian based systems, you can run the following command:
sudo apt install libpam-google-authenticator
Generate the Google Authenticator secret key: Switch to the user account that will use Google Authenticator for SSH authentication. In a terminal, run the following command:
Google authenticator
Follow the prompts to set up Google Authenticator for your user account. You will be asked a series of questions to configure 2FA settings. This will include generating a QR code and secret key for your account.
Scan QR code: If you have a QR code scanner on your mobile device, use it to scan the QR code generated by Google-Authenticator. If you don't have a scanner, you can manually enter the secret key into the Google Authenticator app.
Back up your secret key: Make sure you store a backup of your secret key in a secure location. This will allow you to recover your Google Authenticator configuration if you lose your device or need to configure it on another device.
Configure SSH: Open the SSH configuration file to edit it. The location of the file may vary depending on your Linux distribution, but it is usually located in /etc/ssh/sshd_config. Use your favorite text editor to open the file with root privileges:
sudo nano /etc/pam.d/sshd
Add the line below to the end of the file above.
authentication required pam_google_authenticator.so
Restart the SSH service: After configuring Google Authenticator, restart the SSH service to apply the changes:
restart sudo ssh service
Then modify the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Change No to Yes for the next line
KbdInteractiveAuthentication yes
Restart the SSH server:
Restart the ssh service with the following command:
sudo systemctl restart sshd.service
That's it! You have now enabled 2FA using Google Authenticator for SSH on Linux. Now when you log in to SSH, you'll be prompted to enter the verification code provided by the Google Authenticator app in addition to your regular password.
#linux
#linuxgaming
#linux_tutorial
#linuxnetwork
Please take the opportunity to connect and share this video with your friends and family if you find it useful.
No Comments