[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2FA Tips


For the future, I got this working.  Its not hard.

The return from ssh_userauth_publickey_auto was SSH_AUTH_PARTIAL, so
the next step is authenticate_password(session).  That will put up a
password prompt where the user can do the 2fa.

2 factor
two factor
2FA

On Tue, Mar 2, 2021 at 7:36 AM maxres default <mcqueenorama@xxxxxxxxx> wrote:
>
> Your guess is very good.  I'm getting an SSH_AUTH_PARTIAL from
> ssh_userauth_publickey.  It requires some keyboard interaction.  I
> guess that means I can simply put in a case there to get some user
> input whenever I get SSH_AUTH_PARTIAL from ssh_userauth_publickey.  I
> think there might be some code in the examples dir to help get a
> keyboard interaction going.
>
> B
>
> On Tue, Mar 2, 2021 at 7:26 AM Aris Adamantiadis <aris@xxxxxxxxxx> wrote:
> >
> > Hi,
> >
> > Could you be a bit more specific? Do you see that prompt when you use
> > OpenSSH client but not with libssh? My guess is that your server is
> > using keyboard-interactive for 2FA. There are authentications functions
> > to handle keyboard-interactive with libssh, but it's not
> > event/callback-driven.
> >
> >
> > Aris
> >
> > Le 2/03/21 à 16:17, maxres default a écrit :
> > > I've got a 2FA prompt that comes up from time to time from a backend,
> > > at the end of public key auth.  Does anybody know what to do about
> > > that?  I don't see a place for a callback in the API at that point.
> > >
> > > B
> > >
> >

References:
2FA Tipsmaxres default <mcqueenorama@xxxxxxxxx>
Re: 2FA TipsAris Adamantiadis <aris@xxxxxxxxxx>
Re: 2FA Tipsmaxres default <mcqueenorama@xxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org