SSH and Desktop Login Using Two Factor Google Authenticator

[securitybreach]

Two factor authentication is increasingly becoming a strongly recommended way of protecting user accounts in web applications from attackers by requiring a second method of authentication in addition to the standard username and password pair.

 

Although two factor authentication can encompass a wide range of techniques like biometrics or smart cards, the most commonly deployed technique in web applications is the one time password. If you have used applications like Gmail, you are probably familiar with the one time password generated by the Google Authenticator app that's available on iOS or Android devices.

 

The algorithm used for the one time password in the Google Authenticator app is known as the Time-based One-Time Password (TOTP) algorithm. The TOTP algorithm is a standard algorithm approved by the IETF in (RFC 6238) totp-rfc.

 

 

Prerequisites

 

You need to download Google Authenticator app that generates 2-step verification codes on your phone or desktop. Install Google Authenticator before you install anything else on your Android device/iPhone/iPad/BlackBerry/Firefox devices....

http://www.cyberciti...-authenticator/

[securitybreach]

I set it on sshd and it works beautifully

  comhack@PiDeb ~ $ ssh -p xxxx 192.168.x.xx

Password:
Verification code:
Last login: Wed Oct 1 11:54:36 2014 from 192.168.x.xxx

comhack@Cerberus ~ %