Hi ,
I’m trying to activate MFA on my system but once I’m configuring the keyboard-interactive methods , it is not allowed and so my sshd service won’t restart .
What I’m doing wrong ???
Here is the update that I have made to /etc/ssh/sshd_config file
PermitRootLogin no
PubkeyAuthentication yes
IgnoreRhosts yes
PasswordAuthentication yes
PermitEmptyPasswords no
KbdInteractiveAuthentication yes
UsePAM yes
AuthenticationMethods publickey,keyboard-interactive
The /etc/pam.d/sshd file is updated like this
# auth substack passw-auth
auth required pam_google_authenticator.so nullok
Then when I’m restart my sshd service
I got the following error
sshd[5723]: Disabled method "keyboard-interactive" in AuthenticationMethods list "publickey,keyboard>
AuthenticationMethods cannot be satisfied by enabled authentication methods
sshd.service: Main process exited, code=exited, status=255/EXCEPTION
Why is it not working properly ?
If I remove the keyboard-interactive method , then it is logging well automatically with my keys.
I want to authenticate with the key and the OTP
Many thanks
Olivier