might be ur last defense line ...
Holla XSS!
lets configure google authenticator over ssh access
Код:
sudo yum -y install google-authenticator qrencodeinstall
Код:
$ sudo vi /etc/pam.d/sshdedit sshd file
Код:
auth required pam_google_authenticator.so
$ sudo /etc/ssh/sshd_config
ChallengeResponseAuthentication yestype in terminal :
Код:
google-authenticator
- Use “time-based” time-based tokens: yes
- Update the .google_authenticator file: yes
- Disallow multiple uses of the same authentication token: yes
- Increase the original generation time limit: no
- Enable rate-limiting: yes
Код:
Your new secret key is: F298F23FJ230F9JSHXXXXXX
Your verification code is 142XXX
Your emergency scratch codes are:
1345XXXX
6526XXXX
3893XXXX
2457XXXX
6000XXXXYou’ll be given secret key, verification code and emergency scratch codes to be used if you don’t have access to your phone.
Write them down on paper or notepad and keep them safe.
Код:
sudo systemctl restart sshdRestart sshd service on the server
Next login will require you to pass given code in Auth App
Credits Please if Copied never shared in other forums All my recent Post Dedicated for XSS!
show some love to keep this going by reaction or whatever support !
any translation to Russian is appreciated from experienced user !