Two-factor authentication (2FA) is a security feature that adds an extra layer of protection to your Linux server by requiring two forms of identification: something the user knows (such as a password) and something the user has (such as a smartphone). This helps prevent unauthorized access even if the password is compromised.
Here's how you can set up 2FA on your Linux server:
1.Install and configure Google Authenticator
Google Authenticator is a popular 2FA app that generates time-based one-time passwords (TOTPs). You can install Google Authenticator on your smartphone and use it to generate TOTPs that you'll need to log in to your Linux server.
To install Google Authenticator on your Linux server, run the following command:
sudo apt-get install libpam-google-authenticator
After installation, run the following command to set up Google Authenticator for your user account:
This will create a new secret key and display a QR code that you can scan with the Google Authenticator app on your smartphone. The app will generate a new TOTP every 30 seconds.
auth required pam_google_authenticator.so