Skip to main content

Posts

Showing posts from 2015

Remote two-factor authentication, with ssh public keys, and google authenticator

Installing and using the Google Authenticator was pretty easy. I give credit to howtogeek.com for their straight forward instructions on using it. However, I wanted to change some things about their setup. You'll find my instructions to be similar to theirs, but with some important differences. This was done on Ubuntu 14.04.

Install the google auth pam module:
sudo apt-get install libpam-google-authenticator Login as the user you will be using the authenticator with, and run the following command:
google-authenticator Set up Google Authenticator on your phone using either the QR code it generates, or manually type it in.

Now, this is where I diverge a little from the howtogeek version. Open up the /etc/pam.d/sshd file on your machine. Put this at the very top of the file:
auth sufficient pam_access.so accessfile=/etc/security/access-local.conf auth sufficient pam_google_authenticator.so And then comment out the following line in the same file:
#@include common-auth  Now, open up y…