<ul><li>SSH keys still represent only a single factor of authentication, thus the need for further security.</li><li>Google’s PAM module generates TOTP compatible with any OATH-TOTP app.</li><li>Be sure to save the secret key, verification code, and recovery codes in a secure location.</li><li>Configure sshd configuration file by appending the following line to the end of the file.</li><li>Locate the ChallengeResponseAuthentication option and set its value to 'yes' and save the file.</li><li>If you haven’t set up SSH keys, skip Step — 4.</li><li>MFA won’t function if you’re using an SSH key.</li><li>This approach significantly improves security by making it much more difficult for unauthorized users to gain SSH access.</li><li>Enter the code generated by the app, which will complete the login.</li><li>Implementing 2FA significantly improves security.</li></ul>

How to Secure SSH on Any Linux Server using PAM and Google Authenticator

Discover more