Skip to content

date: 2011-10-25 18:17:06+00:00

Two step authentication on SSH with Google Authenticator under Debian Sid

categories: - Debian/Ubuntu - Howto - Security

On a Debian Sid system, install the following :

apt-get install libpam-google-authenticator

Edit /etc/ssh/sshd_config and set :

ChallengeResponseAuthentication yes

Restart the service :

service ssh restart

Now run :


Scan the barcode from the Google Authenticator app on your mobile device.

Edit /etc/pam.d/sshd and add at the very beginning of the file :

auth required

Now test a SSH connection. You should be prompted by a cool "Verification code :" Then by the regular password prompt.