Add google-authenticator 2fa
Closed, DuplicatePublicFEATURE REQUEST
Actions

Assigned To

None

Authored By

	carl.byington
	Dec 1 2017, 7:12 PM

Tags

Referenced Files

	F28522: vyos-build.git.patch
	Dec 1 2017, 7:12 PM

Subscribers

Active contributors

Description

Remote admin of vyos routers is via ssh, which should be protected with two factor authentication. This patch

vyos-build.git.patch2 KBDownload

adds the stock debian google-authenticator package.

ssh [email protected]
google-authenticator <<EOF
y
y
y
n
n
EOF

The TOTP seed is stored in ~/.google-authenticator, rather than in the vyos config.

Details

Difficulty level: Easy (less than an hour)
Version: -
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Perfectly compatible

Related Objects

Mentioned In: T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP

Event Timeline

carl.byington created this task.Dec 1 2017, 7:12 PM

syncer triaged this task as Wishlist priority.Dec 21 2017, 9:11 PM

pasik added a subscriber: pasik.Oct 1 2018, 9:52 AM

rps mentioned this in T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP.Oct 5 2018, 4:29 AM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux.Oct 13 2018, 10:09 AM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc5); removed VyOS 1.2 Crux (VyOS 1.2.0-rc4).Oct 24 2018, 4:40 PM

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc6); removed VyOS 1.2 Crux (VyOS 1.2.0-rc5).Oct 29 2018, 6:16 PM

dmbaturin edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux (VyOS 1.2.0-rc6).Nov 3 2018, 11:13 PM

dmbaturin edited projects, added VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.Dec 10 2020, 12:02 PM

dmbaturin set Is it a breaking change? to Unspecified (possibly destroys the router).

dmbaturin changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).Jan 27 2021, 6:50 PM

dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.

dmbaturin closed this task as a duplicate of T874: Support for Two Factor Authentication for CLI access via Google Authenticator/OTP.

c-po moved this task from Need Triage to Backlog on the VyOS 1.4 Sagitta board.May 24 2021, 7:41 PM

c-po moved this task from Backlog to Finished on the VyOS 1.4 Sagitta board.May 29 2021, 9:12 PM