Skip to content

Instantly share code, notes, and snippets.

@miguelmota

miguelmota/README.md

Last active May 9, 2024 14:36
Show Gist options
  • Save miguelmota/45cf5254b870eeaf2e925b4d7fcfceb2 to your computer and use it in GitHub Desktop.
Save miguelmota/45cf5254b870eeaf2e925b4d7fcfceb2 to your computer and use it in GitHub Desktop.
Download ZIP
Arch linux google authenticator 2FA
Raw
README.md

Install google authenticator

sudo pacman -S libpam-google-authenticator
sudo pacman -S qrencode

Edit pam config

sudo vim /etc/pam.d/sshd

Add to top of file below PAM-1.0 line

auth required pam_google_authenticator.so

To allow only publickey + 2fa (no password) then comment out this line

#auth      include   system-remote-login

Edit sshd config

sudo vim /etc/ssh/sshd_config
ChallengeResponseAuthentication yes
UsePAM yes

Add to bottom of file to require publickey + 2fa

AuthenticationMethods publickey,keyboard-interactive:pam

Restart SSH service

sudo systemctl restart sshd.service

Setup 2FA for user

google-authenticator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment