Cannot login with two-factor SSH [duplicate]
This question already has an answer here:
Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? [duplicate]
3 answers
How to harden an SSH server?
13 answers
In response to the users that flagged this as a potential duplicate, it is not. I have a SSH hardening solution, which I got off Canonical's ubuntu tutorials and is commonly repeated, but it isn't working, as I outlined below.
On my Ubuntu 18.04 box I've attempted to setup two-factor authentication for SSH per this tutorial, however when I attempt to login via SSH it fails. I'm prompted for my username as normal, then my password. No matter what it returns "Access denied" when I've entered my password. If I comment out
auth required pam_google_authenticator.so
from /etc/pam.d/sshd then SSH works again, but obviously without two-factor. What is stopping my password from being accepted?
ssh password two-factor-authentication
marked as duplicate by pa4080, karel, Eric Carvalho, Fabby, Thomas Mar 3 at 9:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? [duplicate]
3 answers
How to harden an SSH server?
13 answers
In response to the users that flagged this as a potential duplicate, it is not. I have a SSH hardening solution, which I got off Canonical's ubuntu tutorials and is commonly repeated, but it isn't working, as I outlined below.
On my Ubuntu 18.04 box I've attempted to setup two-factor authentication for SSH per this tutorial, however when I attempt to login via SSH it fails. I'm prompted for my username as normal, then my password. No matter what it returns "Access denied" when I've entered my password. If I comment out
auth required pam_google_authenticator.so
from /etc/pam.d/sshd then SSH works again, but obviously without two-factor. What is stopping my password from being accepted?
ssh password two-factor-authentication
marked as duplicate by pa4080, karel, Eric Carvalho, Fabby, Thomas Mar 3 at 9:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
3
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12
add a comment |
This question already has an answer here:
Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? [duplicate]
3 answers
How to harden an SSH server?
13 answers
In response to the users that flagged this as a potential duplicate, it is not. I have a SSH hardening solution, which I got off Canonical's ubuntu tutorials and is commonly repeated, but it isn't working, as I outlined below.
On my Ubuntu 18.04 box I've attempted to setup two-factor authentication for SSH per this tutorial, however when I attempt to login via SSH it fails. I'm prompted for my username as normal, then my password. No matter what it returns "Access denied" when I've entered my password. If I comment out
auth required pam_google_authenticator.so
from /etc/pam.d/sshd then SSH works again, but obviously without two-factor. What is stopping my password from being accepted?
ssh password two-factor-authentication
This question already has an answer here:
Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? [duplicate]
3 answers
How to harden an SSH server?
13 answers
In response to the users that flagged this as a potential duplicate, it is not. I have a SSH hardening solution, which I got off Canonical's ubuntu tutorials and is commonly repeated, but it isn't working, as I outlined below.
On my Ubuntu 18.04 box I've attempted to setup two-factor authentication for SSH per this tutorial, however when I attempt to login via SSH it fails. I'm prompted for my username as normal, then my password. No matter what it returns "Access denied" when I've entered my password. If I comment out
auth required pam_google_authenticator.so
from /etc/pam.d/sshd then SSH works again, but obviously without two-factor. What is stopping my password from being accepted?
This question already has an answer here:
Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? [duplicate]
3 answers
How to harden an SSH server?
13 answers
ssh password two-factor-authentication
ssh password two-factor-authentication
edited Feb 27 at 13:46
Jason
asked Feb 27 at 2:45
JasonJason
12
12
marked as duplicate by pa4080, karel, Eric Carvalho, Fabby, Thomas Mar 3 at 9:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by pa4080, karel, Eric Carvalho, Fabby, Thomas Mar 3 at 9:27
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
3
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12
add a comment |
3
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12
3
3
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12
add a comment |
1 Answer
1
active
oldest
votes
Never mind, I got it to work. The .google_authenticator file was not created properly in my home directory (not sure why though, possibly I ran google-authenticator under the wrong user, possibly as root?), so after re-running it everything works fine.
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Never mind, I got it to work. The .google_authenticator file was not created properly in my home directory (not sure why though, possibly I ran google-authenticator under the wrong user, possibly as root?), so after re-running it everything works fine.
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
add a comment |
Never mind, I got it to work. The .google_authenticator file was not created properly in my home directory (not sure why though, possibly I ran google-authenticator under the wrong user, possibly as root?), so after re-running it everything works fine.
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
add a comment |
Never mind, I got it to work. The .google_authenticator file was not created properly in my home directory (not sure why though, possibly I ran google-authenticator under the wrong user, possibly as root?), so after re-running it everything works fine.
Never mind, I got it to work. The .google_authenticator file was not created properly in my home directory (not sure why though, possibly I ran google-authenticator under the wrong user, possibly as root?), so after re-running it everything works fine.
answered Feb 28 at 0:22
JasonJason
12
12
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
add a comment |
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
You may accept your own answer to get this marked as Solved.
– ubfan1
Feb 28 at 2:23
add a comment |
3
Possible duplicate of Secure an Ubuntu OpenSSH server from Brute force attacks but without a firewall or SSH key pair? - read the answer of mine there.
– pa4080
Feb 27 at 6:12