mirror of
https://github.com/ovh/the-bastion.git
synced 2025-09-11 07:24:14 +08:00
doc: add more info about root 2FA in sshd_config templates
This commit is contained in:
Stéphane Lesimple
Stéphane Lesimple
parent
8b02d610be
commit
415bc9b903
7 changed files with 21 additions and 7 deletions
|
|
@ -123,7 +123,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -123,7 +123,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -127,7 +127,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -127,7 +127,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -127,7 +127,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -127,7 +127,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
|
|
@ -120,7 +120,9 @@ UseDNS no
|
|||
UsePAM yes
|
||||
|
||||
# === AuthenticationMethods vs potential root OTP vs potential user MFA ===
|
||||
# 2FA has been configured for root, so we force pubkey+PAM for it
|
||||
# If 2FA has been configured for root, we force pubkey+PAM for it. If this is the case
|
||||
# on your system, uncomment the next two lines (see
|
||||
# https://ovh.github.io/the-bastion/installation/advanced.html#fa-root-authentication)
|
||||
#Match User root
|
||||
# AuthenticationMethods publickey,keyboard-interactive:pam
|
||||
# Unconditionally skip PAM auth for members of the bastion-nopam group
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue