I want 2 factor authentication on my linux servers.
I use CentOS 7/8.
I set up 2FA using this article: https://www.digitalocean.com/commun...lti-factor-authentication-for-ssh-on-centos-7
2FA works fine, but i need to manage my servers using ansible from special server in my private network.
I created user "ans_user" and put it into wheel group.
My management server has 10.10.10.10 ip address.
All i want:
- all servers in my infrastructure must accept connections from 10.10.10.10 for user ans_user using only ssh-key authentication
- all server in my infrastructure must accept connections from all other ip's and all users using ssh-key + only time passwords (2FA) (for example: google-authenticator)
I tried to solve my problem using:
Match User ans_user Address 10.10.10.10
AuthenticationMethods publickey
PasswordAuthentication no
PubkeyAuthentication yes
in my sshd_config file.
What i've got:
2FA not working, all users authenticate only ssh-keys.
Could you help me to solve my problem?
Is it possible?
Thank you.
I use CentOS 7/8.
I set up 2FA using this article: https://www.digitalocean.com/commun...lti-factor-authentication-for-ssh-on-centos-7
2FA works fine, but i need to manage my servers using ansible from special server in my private network.
I created user "ans_user" and put it into wheel group.
My management server has 10.10.10.10 ip address.
All i want:
- all servers in my infrastructure must accept connections from 10.10.10.10 for user ans_user using only ssh-key authentication
- all server in my infrastructure must accept connections from all other ip's and all users using ssh-key + only time passwords (2FA) (for example: google-authenticator)
I tried to solve my problem using:
Match User ans_user Address 10.10.10.10
AuthenticationMethods publickey
PasswordAuthentication no
PubkeyAuthentication yes
in my sshd_config file.
What i've got:
2FA not working, all users authenticate only ssh-keys.
Could you help me to solve my problem?
Is it possible?
Thank you.