Re: add 2FA to ssh

2020-08-14 Thread Thomas Pircher
Henning Follmann wrote: > Either keys generated thru ssh-genkey or if you use > gnupg to manage your keys. > gnupg has the advantage that you could use > a gnupg card to store your keys. Thanks for the clarification, it was purely out of interest. As someone who has discovered ssh CAs only relativ

Re: add 2FA to ssh

2020-08-14 Thread Henning Follmann
On Thu, Aug 13, 2020 at 05:38:04PM +0100, Thomas Pircher wrote: > Henning Follmann wrote: > > Maintain a good keychain and you wont need 2FA. > > I'm curious, What do you mean by keychain in context of ssh? The > application of that name or something else? > > Thomas > Either keys generated thru

Re: add 2FA to ssh

2020-08-13 Thread Thomas Pircher
Henning Follmann wrote: > Maintain a good keychain and you wont need 2FA. I'm curious, What do you mean by keychain in context of ssh? The application of that name or something else? Thomas

Re: add 2FA to ssh

2020-08-13 Thread Henning Follmann
On Thu, Aug 13, 2020 at 09:39:43AM -0500, Nicholas Geovanis wrote: > On Thu, Aug 13, 2020, 6:47 AM Henning Follmann > wrote: > > > On Thu, Aug 13, 2020 at 01:37:39PM +0200, Pòl Hallen wrote: > > > Hi folks :) > > > > > > > > what it better with 2FA: at ssh login request first 2FA authentication >

Re: add 2FA to ssh

2020-08-13 Thread James Allsopp
Hi, You can do it at the same time with a yubikey and editing your pam file. https://developers.yubico.com/yubico-pam/YubiKey_and_SSH_via_PAM.html#:~:text=The%20Yubico%20PAM%20module%20for,YubiKey%20assigned%20to%20the%20user. Been doing this for years, James On Thu, 13 Aug 2020 at 15:24, Toni

Re: add 2FA to ssh

2020-08-13 Thread Nicholas Geovanis
On Thu, Aug 13, 2020, 6:47 AM Henning Follmann wrote: > On Thu, Aug 13, 2020 at 01:37:39PM +0200, Pòl Hallen wrote: > > Hi folks :) > > > > > what it better with 2FA: at ssh login request first 2FA authentication > next > > ssh password or viceversa? > > > > thanks! > > > > Pol > > sorry to say,

Re: add 2FA to ssh

2020-08-13 Thread Toni Mas Soler
I think 2FA first is better. Thus you don't have to type your password if you have a wrong 2FA. Toni Mas Missatge de Pòl Hallen del dia dj., 13 d’ag. 2020 a les 13:38: > > Hi folks :) > > > what it better with 2FA: at ssh login request first 2FA authentication > next ssh password or viceversa? >

Re: add 2FA to ssh

2020-08-13 Thread Henning Follmann
On Thu, Aug 13, 2020 at 01:37:39PM +0200, Pòl Hallen wrote: > Hi folks :) > > > what it better with 2FA: at ssh login request first 2FA authentication next > ssh password or viceversa? > > thanks! > > Pol > sorry to say, but 2FA is again one of the hype things. Why do you need 2FA for ssh. I

add 2FA to ssh

2020-08-13 Thread Pòl Hallen
Hi folks :) what it better with 2FA: at ssh login request first 2FA authentication next ssh password or viceversa? thanks! Pol