Two-factor authentication to the server via ssh

In this series of mini articles, we continue to describe how to deploy high-availability and secure Chainlink node. In this article we describe how to enable 2FA on the Guard VM server via ssh.

Initial Setup

Note: If you get “permission denied” when running the command, use vim and add.

Setting up Google Authenticator

And answer according to the pattern:

  • Make tokens “time-base”: yes

  • Update the .google_authenticator file: yes

  • Disallow multiple uses: yes

  • Increase the original generation time limit: no

  • Enable rate-limiting: yes

With the received data (scan qr or secret key), create a new Google Authenticator account.

If you add it manually:

  • Account: arbitrary name-service ID

  • Key: Your new secret key

Enable mandatory verification of Google Authenticator on the server

Now the server can only be accessed via ssh key and google authenticator code.


Last updated