How VPS - How to use/setup VPS
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
How VPS - How to use/setup VPS
No Result
View All Result
Home Operating System CentOS

How To Setup Two-Factor Authentication (2FA) for SSH on CentOS 6 using Google Authenticator

How VPS by How VPS
October 1, 2019
in CentOS
0
0
SHARES
23
VIEWS
Share on FacebookShare on Twitter

Contents

  1. Step 1: Installing the required packages
  2. Step 2: Configuring the software
  3. Step 3: Configuring Google Authenticator on your mobile device
  4. Conclusion
    1. Other versions
  5. Want to contribute?


After changing your SSH port, configuring port knocking, and making other tweaks for SSH security, there is perhaps one more way that you can protect your server; using two-factor authentication. With two factor authentication (2FA), a person would require your mobile device to access your SSH server. This can be useful to protect against all brute forcing attacks, and unauthorized login attempts.

In this tutorial, I will explain how to configure 2FA on your CentOS 6 server with SSH and Google Authenticator.

Step 1: Installing the required packages

The package “google-authenticator” exists in the default repository for CentOS. Run the following command as the root user to install it.

yum install pam pam-devel google-authenticator

Now that you have this installed on your server, you’ll need to install the “Google Authenticator” app on your mobile device.

  • Download for Android Devices
  • Download for iOS Devices

After you install that, keep your mobile device readily available, because we still need to configure 2FA.

Step 2: Configuring the software

First, login via SSH as the user you wish to secure.

Execute the following command:

 google-authenticator

Hit “y” at the first message, where it asks you if you would like to update the ./google_authenticator file. When it prompts you to disallow multiple uses, hit “y” again so that another user can’t use your code. For the rest of the options, hit “y”, as they all improve the effectiveness of this software.

Great! Make sure you copy down the secret key, and the emergency scratch codes on a piece of paper.

Now, we need to configure PAM to use 2FA.

For this article, I’ll be using nano as the preferred text editor. Execute the following command as root.

nano /etc/pam.d/sshd

Add the following line to the top of the file.

 auth required pam_google_authenticator.so 

Save, then close the editor.

Next, configure the SSH daemon to use 2FA.

nano /etc/ssh/sshd_config

Find the line that resembles “ChallengeResponseAuthentication no”, and change “no” to “yes”.

Restart the SSH server:

service sshd restart

Step 3: Configuring Google Authenticator on your mobile device

To configure this software, we need to add the secret key into it. Find the “manually enter key” option, and tap that. Input the secret key you wrote down earlier, and save. A code will now pop up, and will refresh every so often. You’ll need this to logon to the SSH server from now on.

Conclusion

The purpose of two factor authentication is to improve the security of your server. Since no one else will have access to your mobile device, they won’t be able to figure out the code to login to your server.

Other versions

  • Ubuntu
  • CentOS

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article
How VPS

How VPS

Related Posts

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

February 25, 2022
How to Install BoltWire CMS on CentOS 7
CentOS

How to Install BoltWire CMS on CentOS 7

February 14, 2020
Showterm.io – A Terminal/Shell Recording, Upload and Share Tool for Linux
CentOS

Setup HTTP Authentication With Nginx on CentOS 7

February 14, 2020
Next Post

Use Apachetop To Monitor Web Server Traffic In Real Time

Deploy Kubernetes With Kubeadm on CentOS 7

How to Install Zikula on CentOS 7

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 121 Followers
  • 87.2k Followers

Recommended

dutree – A CLI Tool to Analyze Disk Usage in Coloured Output

4 years ago

Load Balance with Docker

3 years ago

14 Useful Examples of Linux ‘sort’ Command – Part 1

4 years ago

Rename – A Command Line Tool For Renaming Multiple Files in Linux

4 years ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

Topics

Apache Web Server Bluehost Review 2019 Bluehost Review 2020 Bluehost Review 2021 Centmin Mod CentminMod centos install htop fsck htop install HTTP DoS attack Install Snort on an Ubuntu install Zabbix on CentOS install Zabbix on CentOS 7 Linux Commands linux guide linux install htop linux vps setup guide MariaDB MariaDB Error Mysql mysqld error optimize MariaDB optimize Mysql snort Ubuntu
No Result
View All Result

Highlights

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Webmin Reviews

Virtualmin Reviews

CentOS Web Panel Reviews

Ajenti Reviews

ISPConfig Reviews

Trending

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

by How VPS
February 25, 2022
0

I tried to update some extensions by use yum on centOs which I specified in Dockerfile. After...

How to Fix MySQL Error "Plugin 'InnoDB' registration as a STORAGE ENGINE failed"?

How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”?

November 17, 2020
How to optimize Mysql or MariaDB

How to optimize Mysql or MariaDB

November 3, 2020
Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

February 17, 2020
Webmin Reviews

Webmin Reviews

February 17, 2020
How VPS – How to use/setup VPS

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8 February 25, 2022
  • How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”? November 17, 2020
  • How to optimize Mysql or MariaDB November 3, 2020

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

[mc4wp_form]

© 2018 JNews - City News Magazine WordPress theme. All rights belong to their respective owners.
JNews is a top selling 2018 WordPress News, Blog, Newspaper & Magazine Theme.

No Result
View All Result
  • Home

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.