Unix/Linux Go Back    


UNIX for Beginners Questions & Answers If you're not sure where to post a Unix or Linux question, post it here. All unix and Linux beginners welcome in this forum!

Allow AD service account SSH to Linux systems without 2FA

UNIX for Beginners Questions & Answers


Tags
centos 7, linux, pam, sshd, two-factor authentication

Reply    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 1 Week Ago   -   Original Discussion by davidpar007
davidpar007's Unix or Linux Image
davidpar007 davidpar007 is offline
Registered User
 
Join Date: Jun 2018
Last Activity: 19 June 2018, 3:06 AM EDT
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Allow AD service account SSH to Linux systems without 2FA

I have Windows AD server and all of the linux computers are joined to AD.

Recently, 2FA has been activated, I wish to exclude some of the domain service accounts from 2FA




Code:
[root@Linux]# less /etc/pam_radius_acl.conf
sshd:*

[root@Linux]# /etc/pam.d/sshd

auth required pam_sepermit.so
auth requisite pam_defender.so
auth requisite pam_defender.so
auth substack password-auth
auth include postlogin
-auth optional pam_reauthorize.so prepare
account required pam_nologin.so
account include password-auth
password include password-auth
session required pam_selinux.so close
session required pam_loginuid.so
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
-session optional pam_reauthorize.so prepare

[root@Linux]# less /etc/ssh/sshd_config 
UsePAM yes
ChalllengeResponseAuthentication yes



Moderator's Comments:
Allow AD service account SSH to Linux systems without 2FA Please use CODE tags as required by forum rules!

Last edited by davidpar007; 3 Days Ago at 03:06 AM.. Reason: Added CODE tags.
Sponsored Links
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
[Tip] Using DHCP for Managed Systems Service Processors bakunin AIX 0 05-07-2014 09:34 AM
Solaris 8: root can't ssh to other systems. aixlover Solaris 7 10-14-2011 04:20 PM
How ti check if passwordless ssh is enabled between two systems vickylife Shell Programming and Scripting 5 09-19-2009 01:22 PM
how to install ssh service in linux hwk07 IP Networking 15 08-28-2009 04:09 PM
On HP Systems, how do you enable an account?? TRUEST UNIX for Dummies Questions & Answers 1 07-10-2003 12:02 PM



All times are GMT -4. The time now is 08:40 PM.