Secure your ssh with google two factor authentication in 10 minutes
Easily protect your servers against brute force and botnets like FritzFrog and other botnets and worms with the Google Authenticator pam module for ssh,just edit two files and you can add two factor authentication to your ssh session,then just use andOTP or google Authenticator, on your phone this provides an extra layer of security with a one time password for additional auth for your ssh sessions.
All commands used in the video are in the description below so you can simply copy and paste as you follow along.
Tools and Links used in this Video:
Get a droplet in digital Ocean https://m.do.co/c/f2e5d955a265
Brave Browser https://brave.com/jds304
Putty for ssh access :https://putty.org
Commands used
Please make sure your time and timezone are correct on the server before starting
These commands are for Ubuntu 20.04 but should be very similar on most Linux varients.
To install the authenticatior
sudo apt-get install libpam-google-authenticator
Edit the ssh config file to change the Auth type to also Challenge Auth
sudo nano -w /etc/ssh/sshd_config
Change
ChallengeResponseAuthentication yes
Edit the pam.d module file for ssh to add in the google auth lib reference
sudo nano -w /etc/pam.d/sshd
Add this line to the file.
auth required pam_google_authenticator.so nullok
restart your ssh service
sudo systemctl restart sshd.service
Run
google-authenticator
for the setup.
Answer yes to everything.
Please make sure you take a copy of the recovery keys supplied so you can get back into the box in case you loose your 2FA device.
Also make sure you leave a separate SSH session open or at least have console access to your server before making these changes.
Watch video Secure your ssh with google two factor authentication in 10 minutes online without registration, duration hours minute second in high quality. This video was added by user JDs Tech Tips 22 August 2020, don't forget to share it with your friends and acquaintances, it has been viewed on our site 191 once and liked it 5 people.