I worked on setting up 2FA while doing ssh in EC2 instance. But after the setup instance is still not asking for 2FA code and directly logs my user i.e. ubuntu
into the server.
I did following steps to setup 2FA:
Install Google Authenticator PAM module.
sudo apt install libpam-google-authenticator
Add
auth required pam_google_authenticator.so
to/etc/pam.d/sshd
Restart ssh
sudo systemctl restart sshd.service
Update sshd_config with following:
ChallengeResponseAuthentication yes PasswordAuthentication no
Run command
google-authenticator
Please help me resolve this issue. Thanks in advance.
CodePudding user response:
I was facing this issue because of other configuration was enabled. PubKeyAuthentication was used instead of authenticator. I change it to PubKeyAuthentication no
which resolved the issue.