User Tools

Site Tools


howtos:google_authenticator

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:google_authenticator [d/m/Y H:i] (current)
Line 1: Line 1:
 +Get the software:
 +
 +<​code>​
 +apt-get install gcc mercurial libpam0g-dev -y
 +</​code>​
 +
 +Compile the PAM module:
 +
 +<​code>​
 +cd google-authenticator/​libpam/​
 +make install
 +</​code>​
 +
 +Now apply the PAM module to one of your authentication mechanisms (sshd, ppp, samba or what ever you have in /​etc/​pam.d):​
 +
 +<​code>​
 +vi /​etc/​pam.d/​sshd
 +</​code>​
 +
 +and append this to the file sshd:
 +
 +<​file>​
 +auth required pam_google_authenticator.so
 +</​file>​
 +
 +
 +You can disable the 2-factor login by appending these two lines:
 +
 +<​file>​
 +auth [success=1 default=ignore] pam_access.so accessfile=/​etc/​security/​access-local.conf
 +auth       ​required ​    ​pam_google_authenticator.so
 +</​file>​
 +
 +In the file /​etc/​security/​access-local.conf you can add the following to skip 2-factor for the network 10.0.0.0/​24:​
 +
 +<​file>​
 ++ : ALL : 10.0.0.0/24
 ++ : ALL : LOCAL
 +- : ALL : ALL
 +</​file>​
 +
  
howtos/google_authenticator.txt · Last modified: d/m/Y H:i (external edit)