Share via

Secure SSH access using Azure Multi-Factor Authentication

  • Article

From Azure MFA server:
**
Enable RADIUS authentication -> Add IP address for SSH server (ex, Linux server IP)

**

Target tab -> Windows domain radio button: Windows Domain Authentication is configured (For testing)
**

Now click the Users icon in the left side menu in the Agent Server**

A user “user1” has been imported from Active Directory

Go to the Linux box you will be connecting to via SSH
**
**
NOTE: In this example, we are running Ubuntu.

Refer to the link below:
“SSH Authentication Using Hosted RADIUS
http://www.ironwifi.com/ssh-authentication-ironwifi-radius/

In this example:

root@th-ubuntu:/# cat /etc/raddb/server
10.0.0.5 radius 60

Testing Authentication, the phone rings upon entering a password.
**
**

% To enable or disable MFA authentication, open /etc/pam.d/sshd and comment or uncomment “auth required pam_radius_auth.so”

% Authentication log,

root@th-ubuntu:/etc/pam.d/pam_radius-1.3.17# cat /var/log/auth.log