Timeline for SSH - Only require google-authenticator from outside local network
Current License: CC BY-SA 3.0
9 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 7, 2022 at 11:38 | answer | added | gucki | timeline score: 1 | |
| May 14, 2018 at 3:11 | answer | added | jdinsd | timeline score: 1 | |
| Aug 27, 2017 at 21:39 | vote | accept | beardedfool | ||
| Aug 26, 2017 at 17:36 | answer | added | beardedfool | timeline score: 3 | |
| Aug 26, 2017 at 17:11 | comment | added | beardedfool | Tried auth success=1 pam access.so accessfile=/etc/security/access-local.conf as well Externally asks for code but fails (access denied). Internally just fails straight away Am I right in what this line is doing... check the IP against the access file and then skip 'success=n' lines. If so that difference in the behaviour of internal and external seems to suggest it's recognising that it's on the internal network, just that it doesn't have enough authorisation methods to satisfy the login conditions (guess??) I'm not sure why it makes the external fails now though? | |
| Aug 26, 2017 at 16:47 | comment | added | beardedfool | Thanks but that seems not to be it Both ask for the verification code but then fail. Could I check what your thoughts were on that please? I'll have a further look into that area in the meantime | |
| Aug 26, 2017 at 12:47 | history | tweeted | twitter.com/StackUnix/status/901425958858760197 | ||
| Aug 26, 2017 at 8:49 | comment | added | HostFission |
Change auth [success=1 default=ignore] pam_access.so to auth success pam_access.so.
|
|
| Aug 25, 2017 at 18:58 | history | asked | beardedfool | CC BY-SA 3.0 |