Hello friends, today we are going to implement two-factor authentication on
ubuntu. Two-factor authentication adds an extra layer of security. We are going
to use google authenticator to implement two-factor authentication.
Before we start, once we have set this up, we will not be able to log into
the account (or issue sudo commands) without a six-digit code from the
authenticator. This also adds another step for us. Remember, however, this
added step brings with it an extra layer of security we wouldn’t have
otherwise.
First we are going to install google authenticator on our ubuntu.
sudo apt-get install libpam-google-authenticator
After we install it we are going to configure our authenticator. Open
/etc/pam.d/common-auth
sudo gedit /etc/pam.d/common-auth
Add a line auth required
pam_google_authenticator.so at the same place shown in the image.
Now install google authenticator on your smartphone.
Now run command google-authenticator on
terminal. Select yes for time-based authentication. In time based
authentication, OTP will be valid for a particular period of time.
Now it will generate password and a QR-code. You can either create an
account manually or simply scan the QR-code on your phone to setup your
account.
Once you have created the account on your smartphone it will look something
like this.
After creating the account on your smartphone, select yes to update google
authenticator on terminal.
Now it will ask multiple options to select the type of authentication you want. You can customize it according to your need.
Now restart our system to check if the authenticator is working.
Now whenever we try to login it asks for verification code that will be
available on your smartphone.
0 comments:
Post a Comment