Jafner/Jafner.net
1
0
Fork 0
Code Issues 16 Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs for removing 2FA

Browse Source
This commit is contained in:
Joey Hafner 2024-02-13 11:22:00 -08:00
parent 0b90f55383
commit f680691398
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
homelab/docs/Security.md
View File

@ -117,7 +117,8 @@ https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-auth
Some use cases (such as programmatic access) demand 2FA be disabled.
Some day we'll figure out how to allow specific keys to bypass the 2FA requirement. But until then,
Edit the file `/etc/ssh/sshd_config` as root. Set `UsePAM` from `yes` to `no`.
1. Edit the file `/etc/pam.d/sshd` and comment out the line `auth sufficient pam_google_authenticator.so nullok`
2. Edit the file `/etc/ssh/sshd_config` and find the `AuthenticationMethods` configuration. Replace the value `publickey,keyboard-interactive` with `publickey`.
### SSH Key Management
The process for managing SSH keys should work as follows: