2-factor authentication for SSH access in Linux

HomeOther Content2-factor authentication for SSH access in Linux
Channel: InfoAlias Sourced: Youtube Published 12 months ago
2-factor authentication for SSH access in Linux
2-factor authentication for SSH access in Linux
To enable two-factor authentication (2FA) using Google Authenticator for SSH on Linux, you will need to follow these general steps:

Install Google Authenticator: If you don't have Google Authenticator installed on your Linux system, you can usually do so using your package manager. For example, on Ubuntu or Debian based systems, you can run the following command:

sudo apt install libpam-google-authenticator

Generate the Google Authenticator secret key: Switch to the user account that will use Google Authenticator for SSH authentication. In a terminal, run the following command:
Google authenticator

Follow the prompts to set up Google Authenticator for your user account. You will be asked a series of questions to configure 2FA settings. This will include generating a QR code and secret key for your account.

Scan QR code: If you have a QR code scanner on your mobile device, use it to scan the QR code generated by Google-Authenticator. If you don't have a scanner, you can manually enter the secret key into the Google Authenticator app.

Back up your secret key: Make sure you store a backup of your secret key in a secure location. This will allow you to recover your Google Authenticator configuration if you lose your device or need to configure it on another device.

Configure SSH: Open the SSH configuration file to edit it. The location of the file may vary depending on your Linux distribution, but it is usually located in /etc/ssh/sshd_config. Use your favorite text editor to open the file with root privileges:

sudo nano /etc/pam.d/sshd

Add the line below to the end of the file above.

authentication required pam_google_authenticator.so

Restart the SSH service: After configuring Google Authenticator, restart the SSH service to apply the changes:

restart sudo ssh service

Then modify the SSH configuration file:

sudo nano /etc/ssh/sshd_config
Change No to Yes for the next line

KbdInteractiveAuthentication yes
Restart the SSH server:

Restart the ssh service with the following command:

sudo systemctl restart sshd.service

That's it! You have now enabled 2FA using Google Authenticator for SSH on Linux. Now when you log in to SSH, you'll be prompted to enter the verification code provided by the Google Authenticator app in addition to your regular password.

#linux
#linuxgaming
#linux_tutorial
#linuxnetwork

Please take the opportunity to connect and share this video with your friends and family if you find it useful.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Policy | Terms of Services | Contact us | DMCA

We adhere to fair use guidelines when quoting from other sources. We provide brief excerpts and proper attribution.

Redway © 1999-2024