2-factor security Open SSH set-up using Google Authenticator

Enabling 2 factor security on your server via SSH is a great way to add a extra step of protection for your server this is very easy to setup


First install the google authenticator library on your Ubuntu server

sudo apt-get update
sudo apt-get install libpam-google-authenticator

next we will add the following line to the ssh pam file to make PAM aware of the google authenticator script

sudo echo auth required pam_google_authenticator.so >>  /etc/pam.d/sshd

in your sshd_config file make the following change

ChallengeResponseAuthentication no
ChallengeResponseAuthentication yes

then run google-authenticator and generate your ssh token  use your favorate authenticator app  to store it
then restart the ssh server sudo service sshd restart
login to the server with another terminal before terminating your current session for testing


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.