Google authenticator 1password11/18/2023 ![]() Session optional pam_mail.so standard noenv # # Print the status of the user's mailbox upon successful login. Session optional pam_motd.so motd=/run/motd.dynamic noupdate # and a static (admin-editable) part from /etc/motd. # This includes a dynamically generated part from /run/motd.dynamic # Print the message of the day upon successful login. # Standard Un*x session setup and common-session Session optional pam_keyinit.so force revoke # module could execute code in the wrong domain. # SELinux needs to be the first session rule. # access limits that are hard to express in sshd_config. # Uncomment and edit /etc/security/nf if you need to set complex # Disallow non-root logins when /etc/nologin exists. Not sure why?Ĭontents of /etc/pam.d/sshd: (this file seems very long for me but it was just the default for ubuntu, maybe I could shorten this down?) # PAM configuration for the Secure Shell service I found out that whenever I set UsePAM to "yes", the password authentication fails. ![]() ![]() The key + token route still works, but for some reason my password always gets rejected with the message "Access denied". I have the following in my sshd_config: AuthenticationMethods publickey,keyboard-interactive:pam password,keyboard-interactive:pamĪnd in the /etc/pam.d/ssh I uncommented common-auth and added auth required pam_google_authenticator.so Public key + google authenticator OR password + google authenticator. I want to allow these two authentication types: ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |