Page MenuHomeVyOS Platform

Add google-authenticator 2fa
Closed, DuplicatePublicFEATURE REQUEST

Description

Remote admin of vyos routers is via ssh, which should be protected with two factor authentication. This patch

adds the stock debian google-authenticator package.

ssh vyos@your.router
google-authenticator <<EOF
y
y
y
n
n
EOF

The TOTP seed is stored in ~/.google-authenticator, rather than in the vyos config.

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible

Event Timeline

syncer triaged this task as Wishlist priority.Dec 21 2017, 9:11 PM
dmbaturin set Is it a breaking change? to Unspecified (possibly destroys the router).
dmbaturin changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).Jan 27 2021, 6:50 PM
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.