Configure Two-Factor Authentication for SSH (Linux) in 8 Steps

Let's begin! 1 - Make sure the server time is correct. 2 - Configure NTP:

apt-get install ntp

service ntp reload

ntpq -p

 3 - Install the package that enables two-factor authentication. You can find the project here: https://github.com/google/google-authenticator4 -Configure two-factor authentication:

apt-get install libpam-google-authenticator

vi /etc/pam.d/sshd

Add the following line on top:

auth required pam_google_authenticator.so

vi /etc/ssh/sshd_config

5 - Change ChallengeResponseAuthentication to Yes6 - Change to the user that should authenticate via 2FA

su userabc

google-authenticator

7 - Answer only a few more questions and you're set. I'd recommend an app like the Google Authenticator or Authy if you use Android. You can use all applications that support the Time-based One-time Password Algorithm (TOTP).

exit

service ssh restart

 8 - Test to login before closing shell! # Enjoy more security! #