[Linux] Avoid Some Account don’t have OTP
Posted On 2019-11-30
- OS Version: Redhat 7.5
- OTP Version: Google Two Factor Authentication
Some people setting two factor authentication on the ssh service, but some of the accout haven't set up OTP yet. Here will tell you how to escape the OTP login.
When you try to login by ssh and you probably will see this,
and even you type right password you still can not login to the server. The reason is that OTP configuration will affect all accounts that try to log in using ssh.
You have to modify the config to let some account can escape the OTP.
You probabloy will see below config in your
auth required pam_google_authenticator.so
auth required pam_google_authenticator.so nullok
google authenticator for certain users
google-authenticator-libpam / nullok
sshd: How to enable PAM authentication for specific users under
How To Set Up Multi-Factor Authentication for SSH on Ubuntu 16.04