How to set up dual-factor authentication on Linux?

1 year ago
William Carter
2 minutes

To set up two-factor authentication on a Linux system, you can follow these steps:

  1. Install the PAM module.
  2. Dual-factor authentication is typically implemented using PAM (Pluggable Authentication Modules) modules. First, check if the system already has the pam-devel package installed. If it is not installed, you can use the following command to install it:
  3. Please use the following command to install libpam0g-dev: sudo apt-get install libpam0g-dev
  4. Install two-factor authentication service.
  5. You can opt to install two-factor authentication services such as Google Authenticator or Duo Security. These services allow you to use mobile applications to generate verification codes.
  6. Please install libpam-google-authenticator using the command sudo apt-get install l ibpam-google-authenticator.
  7. Configure the PAM module.
  8. Open the /etc/pam.d/sshd file (if using SSH for authentication) or the /etc/pam.d/login file (if using local login for authentication), and add the following line at the beginning of the file:
  9. Require authentication using the Google Authenticator module.
  10. Set up two-factor authentication service:
  11. To set up Google Authenticator, you can run the following command in the command line:
  12. a tool developed by Google for generating two-factor authentication codes
  13. According to the prompt, you will be asked if you allow the use of time synchronization, if you allow multiple token devices, and if you require the use of a key. Make your selections based on your needs.
  14. Restart the SSH service (if using SSH for authentication) or reboot the system (if using local login for authentication):
  15. Restart the sshd service using sudo systemctl.
  16. Enable two-factor authentication when logging in.
  17. When a user logs in, the system will first ask for the usual username and password, then request a verification code for two-factor authentication. As per the requirements of the two-factor authentication service, a verification code can be generated using a mobile application.

Please note that this is just the basic setup process for two-factor authentication, and the specific steps may vary depending on the two-factor authentication service being used. It is recommended to refer to the documentation of the service being used for detailed configuration.

bannerAds