Page MenuHomeVyOS Platform

Add google-authenticator 2fa
Closed, DuplicatePublicFEATURE REQUEST

Description

Remote admin of vyos routers is via ssh, which should be protected with two factor authentication. This patch

adds the stock debian google-authenticator package.

ssh vyos@your.router
google-authenticator <<EOF
y
y
y
n
n
EOF

The TOTP seed is stored in ~/.google-authenticator, rather than in the vyos config.

Details

Version
-
Is it a breaking change?
Perfectly compatible

Event Timeline

syncer triaged this task as Wishlist priority.Dec 21 2017, 9:11 PM
dmbaturin set Is it a breaking change? to Unspecified (possibly destroys the router).
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.