To help future administrators who have multiple users, who haven’t set up their google authenticator yet, you can add “nullok
” to the line in /etc/pam.d/sshd
to allow users one time access to ssh so they can then set up their authenticator app. This should work on Ubuntu 20.04, Ubuntu 22.04, Raspberry Pi OS, and MacOS.
The final line in /etc/pam.d/sshd
would look like this:
# /etc/pam.d/sshd
# Two-factor authentication via Google Authenticator. If you want to
# allow new unsetup users to get into ssh to first configure google-auth,
# then add nullok to the end of this line.
auth required pam_google_authenticator.so nullok
DONATE! If this tutorial it worked for you (which it should have), you could spread the love back and donate some change to my paypal, bitcoin address, or altcoin addresses.
PAYPAL:
BITCOIN (BTC) ADDRESS:
bc1qxsqy0nl8f2rqsgpzzr8eh3c67vz7kjr2djyku4
BITCOIN CASH (BCH) ADDRESS:
qzdkv8sz8zf57urafd8urhg7jdej6u892v3z088nvr
ETHEREUM (ETH) ADDRESS:
0x8C33CD44a083D605DBb65Ba4eC201f30Af88705c
ZCASH (ZEC) ADDRESS:
t1dxu9KN1pSYNoMNxYMzCNhcHJhGZmwPW9n
MONERO (XMR) ADDRESS:
4A2p4k6vSGviUxoZvwQkAX8VBQE6tQncmZUS5mZ8YS9cZ2BQ4cc2CZXdMVg4vtFoxh3XrXQECWm95Gq2FpyRtvFz2yNZuYy
FINISHED! Congratulations, you have successfully set up google authenticator while allowing first time users to still login and configure it with their authenticator app