Computer Documentation Wiki

User Tools

Site Tools

Trace:
institute_lorentz:shell_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
institute_lorentz:shell_access [2021/03/15 10:07] lenocilinstitute_lorentz:shell_access [2021/05/20 06:52] (current) lenocil
Line 1: Line 1:
 ====== Shell Access To 2FA-protected IL SSH Server ====== ====== Shell Access To 2FA-protected IL SSH Server ======
  
-Two-factor authentication is mandatory to gain shell access to our SSH server styx.lorentz.leidenuniv.nl __unless__ you have set up a public/private key SSH authentication for your account. In this latter case, your access will continue to be //passwordless//.+Two-factor authentication is mandatory to gain shell access to our SSH server styx.lorentz.leidenuniv.nl __unless__ you have set up a public/private key SSH authentication for your account. In this case, your access will continue to be //passwordless//.
  
-If no public/private key authentication is set up for your account, you will have to complete the extra 2FA step to gain access to the system. Obtain the One-time Code (OTP) either by using an [[institute_lorentz:2fa-smartphone|OTP app on your smart phone]] or by using an [[institute_lorentz:2fa-pc|OTP program on your personal computer]]. +If no public/private key authentication is set up for your account, you will have to complete the extra 2FA step to gain access to the system every SSH sessionShould you want to set up public/private key SSH authentication for your account to avoid typing passwords, please see this concise  [[https://www.ssh.com/ssh/keygen/|guide]].
  
-:!: Please allow at least 15 minutes between your first 2FA set up and an SSH login session to our server. This time is needed to guarantee synchronization of users secret keys between our Identity Provider and the SSH server.+Obtain the One-time Code (OTP) either by using an [[institute_lorentz:2fa-smartphone|OTP app on your smart phone]] or by using an [[institute_lorentz:2fa-pc|OTP program on your personal computer]].  
 + 
 +|:!: Please allow at least 30 minutes between your first 2FA set up and an SSH login session to our server. This time is needed to guarantee synchronization of users secret keys between our Identity Provider and the SSH server.
 + 
 +In the example below, user `gdhsa' initiates an SSH session to our SSH server. Because no public/private key authentication is available for this user, the system verifies first the user password and then the TOTP code. Should one of the two be incorrect, the login session will be unsuccessful.     
 + 
 +{{ :institute_lorentz:ssh2fa_mod.png?direct&600 |}}
institute_lorentz/shell_access.1615802867.txt.gz · Last modified: 2021/03/15 10:07 by lenocil

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki