Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Two Factor Authentication for Linux Logon and SSH Access
miniOrange 2FA SSH Module provides Two-Factor Authentication for Linux system to local and remote login.

miniOrange 2FA SSH Module provides a secure way to login into the linux servers that enhance the security and makes the brute force attacks more difficult. 2FA on top of SSH Access, adds an extra layer of security to increase the identity assurance and reduce risk and exposure. miniOrange 2FA module can be installed on Linux operating systems to add Two-Factor authentication on the top of local and Remote login.

miniOrange supports following Authentication Methods for 2FA:

  • miniOrange Push Notifications (miniOrange Authenticator App)
  • miniOrange Soft Token (miniOrange Authenticator App)
  • OTP Over SMS / Email
  • Google Authenticator
  • Hardware Token

The Module has been well tested on the following Linux distributions.


( If you have other than the following mentioned distributions please contact us )

  • Ubuntu
  • RHEL based systems
    e.g. Red Hat, CentOS

Step by step guide to enable 2 Factor Authentication ​on SSH access(Linux) :


Step 1: Enroll your user

  • Sign up for miniOrange account.
  • Login into miniOrange Admin Portal.
  • Users can be added in miniOrange in 3 ways:
    1. 1. Create user manually.
      • Navigate to Users section and click on Add User button.
      • mo-linux-naigate-to-user-section

      • Create a user that matches your linux system logon username. Fill the user details and click on
        Create User.
      • mo-linux-create-user


    2. 2. You can configure your AD connection in miniOrange admin portal and import your existing users from AD into
      miniOrange.
    3. mo-linux-configure-ad-connection

    4. 3. You can bulk upload your users by providing the csv file.
    5. mo-linux-bulk-upload-user-by-csv




Step 2: Configure 2FA method for your users

  1. 1. Set 2FA method from admin dashboard:

    • Navigate to Users section and click on Select from the Actions column.
    • Select Reset Second Factor option.
    • mo-linux-naigate-to-user-section

    • Select the 2FA method you want to assign to the user and click on Submit.
    • mo-linux-select-any-2fa-method-you-want

  2. 2. Set 2FA method from end user dashboard.

  3. mo-linux-set-2fa-method




Step 3: Configure MO-SSH Module

  • Install the following extensions which are required to proceed for further configuration.
    curl, jq and python
  • Download the “mo-ssh” file.
  • Open your Linux terminal and make sure you are the root user.
  • Execute the following command to install “mo-ssh” module
    # bash mo-ssh install < path >
    e.g. # bash mo-ssh install /usr/local/bin
  • mo-linux-install

  • Enter the miniOrange account credentials.
  • mo-linux-credentials

  • Proceed for the following steps once you have successfully logged in.
  • Execute the below command to enable the 2FA for the users.
    ‹path of mo-ssh file› enable ‹local_username› ‹miniOrange_email› ‹phone_number›
    e.g. # /usr/local/bin enable ec2-user ec2user@xecurify.com +917894567894
  • mo-linux-enable 2fa

  • Execute the below command to restart the sshd service.
    $ service sshd restart
  • mo-linux-restart



Step 4: Test your setup

  • Initiate SSH into your system.
  • mo-linux-initiate-ssh-into-your-system

  • Enter your username.
  • mo-linux-enter-username

  • It will prompt for the 2FA verification.
  • mo-linux-prompt-for-2fa

  • Enter the token.
  • mo-linux-enter token

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com