![]() ![]() All following accesses would then require MFA, and I can configure the SSH host to verify if a MFA config file is present in the user's home folder. This is achieved by running a command on SSH access. I'll still use the Google Authenticator PAM, but I decided to make the setup process easier by not notifying the users via email when their accounts are setup with MFA, but rather allow them access via RSA key on their first SSH access, but immediately force them to setup their own MFA as per the tutorial above. I know this question covers a lot of info, but rather than a canonical answer (that probably isn't even possible) I'm looking for solid pointers on where too look for information and hopefully that someone can also highlight any pitfalls with my idea/approach as this is all very new to me and I'm a bit lost.Īfter investigating these topics for a while, I decided I should use a slightly different method/approach to this automation. ![]() Is there anyway I could add and maintain their email address info to the user account in Linux? Currently, the users are managed only via their username/handle (ie, jdoe).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |