Two Factor SSH Authentication with Google Authenticator - Time-based One-time Password (TOTP) algorithm specified in RFC 6238 

apt-get install libpam0g-dev
mkdir /usr/src/pam-ga
cd /usr/src/pam-ga
wget https://google-authenticator.googlecode.com/files/libpam-google-authenticator-1.0-source.tar.bz2
sha1sum libpam-google-authenticator-1.0-source.tar.bz2
017b7d89989f1624e360abe02d6b27a6298d285d  libpam-google-authenticator-1.0-source.tar.bz2
tar -xjvf libpam-google-authenticator-1.0-source.tar.bz2
cd libpam-google-authenticator-1.0
make
make install
cat README
vi /etc/pam.d/sshd
auth required pam_google_authenticator.so nullok
vi /etc/ssh/sshd_config
ChallengeResponseAuthentication yes
service ssh restart
google-authenticator


http://www.threadstates.com/articles/2012/ssh-two-factor-authentication-with-google-authenticator.html

http://www.howtogeek.com/121650/how-to-secure-ssh-with-google-authenticators-two-factor-authentication/

https://code.google.com/p/google-authenticator/
https://code.google.com/p/google-authenticator/wiki/PamModuleInstructions

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)