Configure SSH to Work with Google Authenticator

45 minutes
  • 4 Learning Objectives

About this Hands-on Lab

In this lab, we are required to configure SSH to interact with the Google Authenticator. The server is configured so that it only asks for a password. That needs to be changed after the first usage. Our job is to add this additional authentication step. First, we need to install and initialize the Google authenticator. Then, we need to configure SSH to make use of the authenticator. When everything is set up, make sure to perform a verification that the configuration is valid.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Configure Key-Based Login

Generate Private/Public Key Pair on the Client

ssh-keygen
Copy the Public Key Over to the Server
  • From client: /Path/to/your/public/key/file
  • To server: /home/cloud_user/.ssh/authorized_keys
SSH Configuration
sudo vim /etc/ssh/sshd_config
PubkeyAuthentication yes
PasswordAuthentication no
AuthenticationMethods publickey,keyboard-interactive
ESC
:wq
ENTER
Configure the Repository, Then Install and Initialize the Google Authenticator
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Install Google Authenticator

sudo yum install google-authenticator

Initialize Google Authenticator

sudo google-authenticator
Further SSH configuration
sudo vim /etc/pam.d/sshd
auth required pam_google_authenticator.so
sudo systemctl restart sshd

Additional Resources

Lab Conditions

  • sshd server is running on port 22

Lab Overall Objectives

  • Download Google authenticator
  • Configure Google authenticator to work with SSH
  • Configure SSH to work with the Google authenticator
  • Configure SSH to require both the Google authenticator and key

Note: Please give the lab an extra 2-3 minutes to finish provisioning before connecting via ssh.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!