linux – 同时使用密钥对和密码的SSH

是否可以启用ssh同时使用密钥对和密码,因此客户端需要密钥文件并且还知道密码?
为了只有一个不起作用.

我不使用半径或任何东西进行两步验证.只是想提高一点安全性.

谢谢

解决方法

https://security.stackexchange.com/questions/17931/possible-to-use-both-private-key-and-password-authentication-for-ssh-login

Now on RHEL / CentOS 7,and any system with a recent version of
OpenSSH,you can use:

AuthenticationMethods "publickey,password" "publickey,keyboard-interactive"

另见:https://lwn.net/Articles/544640/

It is also important to note that the AuthenticationMethods feature applies only to the SSH 2 protocol,and that each authentication method listed must also be explicitly enabled in the sshd_config file.

这里有一个很好的解释:

https://sysconfig.org.uk/two-factor-authentication-with-ssh.html

Match User johndoe
AuthenticationMethods publickey,keyboard-interactive

Read the commas as logical AND. On login,johndoe’s key pair will be checked first and if it’s a match,you’ll see this:

Authenticated with partial success.

Then,he will be asked for his password. So without realising,you have just set up MFA. Your key pair being what you have,the account password being what you know. This is possibly the simplest way of setting up MFA with SSH,and already better than single-factor authentication.

相关文章

/etc/sysctl.conf这个目录主要是配置一些系统信息,/etc/sys...
1.作用 useradd或adduser命令用来建立用户帐号和创建用户的起...
它们都是多模式编辑器,不同的是vim 是vi的升级版本,它不仅...
不管是我们在安装软件还是监测软件的使用性能,我们都要随时...
装好Tomcat7后,发现除了本机能访问外界访问不了,岂有此理。...
修改防火墙配置需要修改 /etc/sysconfig/iptables 这个文件,...