Securing your Linux machine with two factor verification

anvilfour

Just read a couple of excellent articles on securing login to your Linux Desktop and to your SSH server using Google Authenticator.

As I'm sure you're all aware, this means when either sitting down or connecting remotely to log in to your machine, you're asked for a verification code in addition to your password, which makes your machine much safer and also helps you feel a little better about having a short password(!)

Google Authenticator itself is open source, so the code can be reviewed to make sure there are no flaws or backdoors. However the corresponding app for your cellphone which generates the verification codes for some reason is not.

For this reason I use FreeOTP Authenticator which works in exactly the same way and is available both for iPhones and Android devices.

A word of caution if you do this : be sure to write down the scratch codes and put them in a safe place so you can log in if you lose your phone!

Naturally this is not an absolute defence but it does increase the number of devices an adversary will have to compromise before getting to your data!

syklops

and also helps you feel a little better about having a short password(!)

The best way to feel better about having a short password is not have one.

anvilfour

Dare to dream syklops! :-)

I hope the articles are useful to anyone interested in beefing up their security in any case - hopefully they'll already have complex passwords as you say.

PrzemoF

FreeOTP for android is also here: https://f-droid.org/repository/browse/?fdfilter=authentication&fdid=org.fedorahosted.freeotp

anvilfour

PrzemoF wrote: »

FreeOTP for android is also here: https://f-droid.org/repository/browse/?fdfilter=authentication&fdid=org.fedorahosted.freeotp

A very good point PrzemOF - bit shout out for F-Droid which is a Free and Open Source version of the Google Play Store... much better!