In recent years, multifactor authentication (MFA) has been a hot topic in information security, with many organizations and software services now making it a requirement. To achieve MFA, two or more authentication factors must be provided by a user to pass authentication. These factors include something you have, something you know, something you are, somewhere you are, or something you do.
Many organizations have turned to the Google Authenticator tool to implement MFA using a time-based one-time password (TOTP). Using TOTP with Google Authenticator satisfies the “something you have” authentication factor because TOTP requires a device in the user’s possession (e.g., the user’s Android smartphone or iPhone.) Adding a regular user password to satisfy the “something you know” authentication factor provides the second factor to achieve MFA. Many software as a service (SaaS) providers, such as GitHub, AWS, and Microsoft Azure, support Google Authenticator as an option for MFA.
At a high level, TOTP works by having a secret key that is generated on a service and shared with a device. The TOTP algorithm with two inputs, the secret key plus the system’s Unix time, results in a one-time password known by both the device and the service. A new password is typically generated every 30 or 60 seconds.
Google provides a pluggable authentication module (PAM), google‑authenticator‑libpam [1], that system administrators can use to integrate various Linux services with Google Authenticator. As a PAM module, it can be used with virtually any Linux service with robust industry-standard authentication methods. In this article, I will specifically integrate Google Authenticator with SSH logins.
Diese Geschichte stammt aus der #269/April 2023: The Fediverse-Ausgabe von Linux Magazine.
Starten Sie Ihre 7-tägige kostenlose Testversion von Magzter GOLD, um auf Tausende kuratierte Premium-Storys sowie über 8.000 Zeitschriften und Zeitungen zuzugreifen.
Bereits Abonnent ? Anmelden
Diese Geschichte stammt aus der #269/April 2023: The Fediverse-Ausgabe von Linux Magazine.
Starten Sie Ihre 7-tägige kostenlose Testversion von Magzter GOLD, um auf Tausende kuratierte Premium-Storys sowie über 8.000 Zeitschriften und Zeitungen zuzugreifen.
Bereits Abonnent? Anmelden
MADDOG'S DOGHOUSE
The stakeholder approach of open source broadens the pool of who can access, influence, and benefit from information technologies.
MakerSpace
Rust, a potential successor to C/C++, claims to solve some memory safety issues while maintaining high performance. We look at Rust on embedded systems, where memory safety, concurrency, and security are equally important
In Harmony
Using the Go Interface mechanism, Mike demonstrates its practical application with a refresh program for local copies of Git repositories.
Monkey Business
Even small changes in a web page can improve the browsing experience. Your preferred web browser provides all the tools you need to inject JavaScript to adapt the page. You just need a browser with its debugging tools, some knowledge of scripting, and the browser extension Tampermonkey.
Smarter Navigation
Zoxide, a modern version of cd, lets you navigate long directory paths with less typing.
Through the Back Door
Cybercriminals are increasingly discovering Linux and adapting malware previously designed for Windows systems. We take you inside the Linux version of a famous Windows ransomware tool.
Page Pulse
Do you want to be alerted when a product is back in stock on your favorite online store? Do you want to know when a website without an RSS feed gets an update? With changedetection.io, you can stay up-to-date on website changes.
Arco Linux
ArcoLinux, an Arch derivative, offers easier installs while educating users about Arch Linux along the way.
Ghost Coder
Artificial intelligence is increasingly supporting programmers in their daily work. How effective are these tools? What are the dangers? And how can you benefit from Al-assisted development today?
Zack's Kernel News
Chronicler Zack Brown reports on the latest news, views, dilemmas, and developments within the Linux kernel community.