Ben's notes

Linux, Unix, network, radio...

User Tools

Site Tools

Trace:
2_factor_ssh_authentication_with_google_authenticator

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
2_factor_ssh_authentication_with_google_authenticator [2014/01/07 12:35] admin2_factor_ssh_authentication_with_google_authenticator [2014/06/10 12:22] admin
Line 1: Line 1:
-=====Install and configure Google Authenticator for SSH=====+{{tag>[security centos6.5 2fa]}} 
 + 
 +=====Google Authenticator for SSH=====
 ... on CentOS 6.5 ... on CentOS 6.5
 ====Install required packages==== ====Install required packages====
Line 13: Line 15:
  
 ====Configure SSHd==== ====Configure SSHd====
-  vi /etc/ssh/sshd_config+<code>vi /etc/ssh/sshd_config
  
-  PubkeyAuthentication no +PubkeyAuthentication no 
-  PasswordAuthentication yes +PasswordAuthentication yes 
-  ChallengeResponseAuthentication yes +ChallengeResponseAuthentication yes 
-  UsePAM yes +UsePAM yes 
  
 +# GSSAPI options
 +GSSAPIAuthentication no
 +GSSAPICleanupCredentials yes
 +#GSSAPIStrictAcceptorCheck yes
 +#GSSAPIKeyExchange no</code>
 ====Configure PAM SSHd==== ====Configure PAM SSHd====
   vi /etc/pam.d/sshd   vi /etc/pam.d/sshd
Line 45: Line 52:
   mv /home/${USER}/.google_authenticator /home/${USER}/.ssh/.google_authenticator   mv /home/${USER}/.google_authenticator /home/${USER}/.ssh/.google_authenticator
  
 +  restorecon -Rv /home/${USER}
 ====Restart SSHD==== ====Restart SSHD====
   service sshd restart   service sshd restart
2_factor_ssh_authentication_with_google_authenticator.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1