SSH with 2FA Auth [Rig Security]

I have enabled the 2FA Auth with Google Authenticator in all my rigs, so each time someone joins my rigs using SSH, have to enter the user and password and then verify with the codes.

I first installed a lib:

apt install libpam-google-authenticator

Then used nano and modified /etc/pam.d/sshd adding this line at the end of the file:

auth required pam_google_authenticator.so

After that, I modified /etc/ssh/sshd_config and set to “yes” a line at config:

ChallengeResponseAuthentication yes

Restarted service using:

systemctl restart sshd.service

Then, logged in as user, the one enabled for ssh:

su user

And used:

google-authenticator

Took a screenshot of codes and QR.
Config questions were answered as yes, yes, yes, no, yes.

Finally, took my google Auth at my phone and scanned QR so I get my 2FA enabled at my rig.

1 Like

Do you have a video for this? Sorry to ask Nob here.

This topic was automatically closed 416 days after the last reply. New replies are no longer allowed.