Time synchronization, you can increase the window from its default Possible time-skew between the client and the server, we allow an extra Your chances to notice or even prevent man-in-the-middle attacks (y/n)īy default, tokens are good for 30 seconds and in order to compensate for Token? This restricts you to one login about every 30s, but it increases
Make sure to answer yes to the following question:ĭo you want me to update your "/home/$USER/.google_authenticator" file (y/n)īelow are three more questions you will be asked regarding how you want your tokens to function:ĭo you want to disallow multiple uses of the same authentication
Google will now generate a URL, your secret key, verification code and some emergency new secret key is: UFMT4L562NPOXQY3 We do this by logging into whatever user will be using the VPN and issuing the following command:Īt this point you will be asked several questions, the first one is:ĭo you want authentication tokens to be time-based (y/n)
Yum install gcc python-devel subversion pam.i386 pam-devel.i386 After we installed docutils lets go ahead and install all other dependencies before proceeding:.First we need to download and compile docutils ourselves because it’s not available on the default centOS yum repository:.We will also need the following packages to compile google-authenticator: We will need the following packages for mercurial: During this tutorial I assume that you are using centOS with a i386 architecture, if you aren’t make sure you edit the package names accordingly. You can see the Mercurial Version requirements here:īefore we compile mercurial we need to install several packages that we will need during this adventure. This means that we will need to download and compile it ourselves instead of using yum. Unfortunately we need to install a newer mercurial version than what is available by default on the CentOS yum repository. So are you interested so far? Good! Lets get started with setting up the application on our CentOS servers (I’m using 5.5 by the way).