mirror of
https://github.com/ovh/the-bastion.git
synced 2026-05-10 00:09:09 +02:00
[GH-ISSUE #249] MFA TOTP change Google by another #66
Labels
No labels
answered
bug
documentation
enhancement
enhancement
feature
feature
kept-open-for-info
pull-request
question
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/the-bastion#66
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @FlochonR on GitHub (Sep 27, 2021).
Original GitHub issue: https://github.com/ovh/the-bastion/issues/249
Hello,
I enabled the MFA TOTP to connect to Bastion and Vm's behind.
I changed, in the configuration file /etc/pam.d/sshd, the Google PAM authenticator by Duo PAM but when a user enable the MFA with "selfMFASetupTOTP" I have still the QR code from Google PAM authenticator.
Is it possible to disable that ?
(The authentication with Duo is ok with the modification in /etc/pam.d/sshd)
Thanks in advance for your help,
FlochonR
@speed47 commented on GitHub (Sep 28, 2021):
Hello FlochonR,
Sure, I never tried with the Duo's PAM integration, but it should work flawlessly. I'll just make the setup command configurable, so that one can customize it. As you said, in the case of Duo, it seems there is no per-user local setup to do, so /bin/true will be a perfect setup command :)
@FlochonR commented on GitHub (Sep 29, 2021):
Hello speed47 !
Thank you ! :)
@speed47 commented on GitHub (Nov 3, 2021):
Merged #255