This is a simple setup guide to enabling Two Factor Authentication (2FA) on Linux SSH login. I this article I wont go deep into setup and issues that I have faced when implementing this. First thing is first Update your system first. I have used Ubuntu 20.04 and it is always up to date. To enable 2FA you need to install google authenticator modules sudo apt install libpam-google-authenticator Configuration for PAM and SSHD Add the the following line to /etc/pam.d/sshd and After adding this line please restart the sshd services. auth required pam_google_authenticator.so Go to /etc/ssh/sshd_config and check if the following line exist. Default value will be "no" so change it to "yes" to activate. ChallengeResponseAuthentication yes Configuration for Authenticator In the terminal run google authenticator command It will ask few things to acknowledge by user. Details you can see from the below video. Once this part is done you are ready to use the 2FA in ubuntu. T...
This is a simple setup guide to enabling Two Factor Authentication (2FA) on Linux SSH login. I this article I wont go deep into setup and issues that I have faced when implementing this.
First thing is first
Update your system first. I have used Ubuntu 20.04 and it is always up to date.
To enable 2FA you need to install google authenticator modules
sudo apt install libpam-google-authenticator
Configuration for PAM and SSHD
Add the the following line to /etc/pam.d/sshd and After adding this line please restart the sshd services.
auth required pam_google_authenticator.so
Go to /etc/ssh/sshd_config and check if the following line exist. Default value will be "no" so change it to "yes" to activate.
ChallengeResponseAuthentication yes
Configuration for Authenticator
In the terminal run google authenticator command
It will ask few things to acknowledge by user. Details you can see from the below video. Once this part is done you are ready to use the 2FA in ubuntu.
Testing the 2FA
To test if your configuration is correctly setup, you can ssh the system and it will prompt to insert verification code after you enter the password. Details shown in the following video.
I hope this will help others to hardening there systems. Enjoy and if you need any help please message me.
Comments