Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    How to enable passphrase for access via ssh


    How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ask me for a password and then passphrase to allow me access.


    Can we have multiple passwords to login via ssh ?

    My basic need is to have 2 levels of password.

  2. #2
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    After some searching, this was found:
    As of now, you cannot have a Two Factor authentication with 1) Public key and 2) password.
    PAM and pubkey auth are (as of now) mutually exclusive.
    Here is the bug ticket:

    It may be up to your character, if you are happy about the latest activity and comments
    or disapointed by the fact, that the ticket was created in 2005 :P

    However, if you don't need pubkeys or create a block of users w/o pubkeys via the match directive, then you can stack multiple pam auth modules.

    Additionally to pam_unix, this here might work for you:
    google-authenticator - Two-step verification - Google Project Hosting
    But there are also other pam modules.

    Seems like a fun project, I would appreciate, if you could report your progress
    You must always face the curtain with a bow.

  3. #3
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    The Keystone State
    What I do is create an ssh key with a passphrase.
    Then copy the .pub key to the device I want to use keys with.
    This allows me to use ssh keys and still be secure


    The adventure of a life time.

    Linux User #296285
    Get Counted

  4. $spacer_open
  5. #4
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    that is a slightly different story that works easily
    to create ssh key with passphrase:

    the passphrase option is chosen and passphrase created when you initially create your serverkey
    whether it is possible to add a passphrase to an existing ssh key ...
    may be that helps and works for you
    SSL/TLS Strong Encryption: FAQ - Apache HTTP Server
    To add a passphrase to the key, you should run the following command, and enter & verify the passphrase as requested.

    $ openssl rsa -des3 -in server.key -out
    $ mv server.key
    else you just create a new key from scratch

    make sure to understand that a serverkey with password protection never could be used for any automated connection as it always would require the manual input and most likely within a time frame.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts