Activate the 2-Factor Authentication

Note

Feature only available on Private Cloud environments.

You will need to contact the customer support team to install the google-authenticator1 tool.

Once google-authenticator is installed on the server, here is how you activate the 2-factor authentication for each account:

  1. Log in to your account with SSH;

  2. Create a new secret key,

    • for TOTP verification:
    $ google-authenticator -tDfuw 3
    • for HOTP verification:
    $ google-authenticator -cfuw 3

The script will then send back to you:

  • a QR code and the new secret key to enter in your password generating application2,
  • several emergency codes for recovering your code.

For TOTP verifications, you will need to indicate the code sent by your software.

The installation is complete, the SSH 2-factor authentication is now activated.

  1. Although it was developed by Google, this is a general and open source OTP tool. At no time does it communicate with Google’s servers. ↩︎

  2. Examples of applications: FreeOTP - Android, iOS and F-Droid (Github) | Google Authenticator - Android and iOS↩︎