Home 0P3N Blog Configure Two-Factor Authentication for SSH (Linux) in 8 Steps
Ready to Start Your Career?
Create Free Account
solhuebner s profile image
By: solhuebner
March 7, 2016

Configure Two-Factor Authentication for SSH (Linux) in 8 Steps

By: solhuebner
March 7, 2016
solhuebner s profile image
By: solhuebner
March 7, 2016
liquid-stock-photo-cybraryLet's begin! 1 - Make sure the server time is correct. 2 - Configure NTP:

apt-get install ntp

service ntp reload

ntpq -p

 3 - Install the package that enables two-factor authentication. You can find the project here: https://github.com/google/google-authenticator4 -Configure two-factor authentication:

apt-get install libpam-google-authenticator

vi /etc/pam.d/sshd

Add the following line on top:

auth required pam_google_authenticator.so

vi /etc/ssh/sshd_config

5 - Change ChallengeResponseAuthentication to Yes6 - Change to the user that should authenticate via 2FA

su userabc

google-authenticator

7 - Answer only a few more questions and you're set. I'd recommend an app like the Google Authenticator or Authy if you use Android. You can use all applications that support the Time-based One-time Password Algorithm (TOTP).

exit

service ssh restart

 8 - Test to login before closing shell! # Enjoy more security! #
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry