ssh server configuration - Are public key and password exclusive?
Jamon Camisso
jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Fri Jan 13 18:45:20 UTC 2012
On 1/13/2012 1:36 PM, Neil Watson wrote:
> It's a shame that OpenSSH does not allow such a two factor
> authentication. If you have the infrastructure you might use two hosts.
> Host one, a bastion, accepts key authentication. Host two accepts
> passwords. Once a user is logged on to host two they can have access to
> their target.
You can do an awful lot with the use of ForceCommand and Match
directives in sshd_config. Link up whatever recipe is in said script to
Google Authenticator, and you have working multi-factor authentication.
Jamon
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list