Find the answer to your Linux question:
Results 1 to 4 of 4
Hello, How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 04-21-2011 #1
    me_spearhead
    me_spearhead is offline
    Just Joined!
    Join Date
    Apr 2007
    Posts
    23

    How to enable passphrase for access via ssh

    Hello,

    How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ask me for a password and then passphrase to allow me access.

    OR

    Can we have multiple passwords to login via ssh ?

    My basic need is to have 2 levels of password.
    Reply With Quote Reply With Quote
  2. 04-21-2011 #2
    Irithori
    Irithori is offline
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    2,973
    After some searching, this was found:
    As of now, you cannot have a Two Factor authentication with 1) Public key and 2) password.
    PAM and pubkey auth are (as of now) mutually exclusive.
    Here is the bug ticket:
    https://bugzilla.mindrot.org/show_bug.cgi?id=983

    It may be up to your character, if you are happy about the latest activity and comments
    or disapointed by the fact, that the ticket was created in 2005 :P


    However, if you don't need pubkeys or create a block of users w/o pubkeys via the match directive, then you can stack multiple pam auth modules.

    Additionally to pam_unix, this here might work for you:
    google-authenticator - Two-step verification - Google Project Hosting
    But there are also other pam modules.

    Seems like a fun project, I would appreciate, if you could report your progress
    You must always face the curtain with a bow.
    Reply With Quote Reply With Quote
  3. 04-22-2011 #3
    Lazydog
    Lazydog is offline
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,613
    What I do is create an ssh key with a passphrase.
    Then copy the .pub key to the device I want to use keys with.
    This allows me to use ssh keys and still be secure

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted
    Reply With Quote Reply With Quote
  4. 06-20-2011 #4
    hans51
    hans51 is offline
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    Posts
    136
    that is a slightly different story that works easily
    to create ssh key with passphrase:

    the passphrase option is chosen and passphrase created when you initially create your serverkey
    whether it is possible to add a passphrase to an existing ssh key ...
    may be that helps and works for you
    SSL/TLS Strong Encryption: FAQ - Apache HTTP Server
    To add a passphrase to the key, you should run the following command, and enter & verify the passphrase as requested.

    $ openssl rsa -des3 -in server.key -out server.key.new
    $ mv server.key.new server.key
    else you just create a new key from scratch

    make sure to understand that a serverkey with password protection never could be used for any automated connection as it always would require the manual input and most likely within a time frame.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules