Need to enable dual authentication on a Linux Server
We are add a Linux server in RSA authentication , but not working as excepted , please see details below
It working if I open a new putty session from my widows server to this server (its asking PIN +RSA token ) , But not asking RSA pin and token if we login from ssh-key enabled client .
How we can fix this?
- Auth Agent
- Authentication Agent
- Community Thread
- dual factor authentication
- Forum Thread
- RSA SecurID
- RSA SecurID Access
- two factor authentication
I have moved this thread to the RSA SecurID Suite" data-type="space so that you can get an answer to your question.
The linux server PAM stack must be able to protect [method] individually. SSH is one thing, SFTP would be another...GDM another...certificate yet another. You need to be able to get into the stack when cert based login is processed, and fire the pam_securid module at the appropriate place in the stack.
SSH public key authentication is not implemented via PAM. It actually the PAM
authstack (but only
auth), something which many administrators overlook.
RSA Securid tokens are two-factor (something you have and something you know) vs one factor SSH-key (something you have, the key), so, disallow public keys and just allow SSH with tokens, and it is actually stronger than using public key based.