Two-factor authentication is becoming a security standard for large organizations. Many of you are already accustomed to using Duo to authenticate when using Box, WebEx or OSU Google GSuite apps.
In order to help ensure a more secure network, two-factor authentication is now required for logging into OSU Engineering servers for terminal or SFTP access.
This can cause problems for those not using an interactive terminal session, as there is an additional prompt that requires a response and the connection fails silently.
We can bypass the need for DUO authentication by setting up SSH Keys for our applications that use SFTP
For this you will need:
Save it to a location you will be able to easily find it and name it
Ignore the warning about the passcode. Save it to the same location as before and name it
access.engr.oregonstate.eduand enter your password when prompted
1and press enter. This will send a request to your Duo Mobile app which you will need to accept
.sshdoes not exist, execute the command
mkdir .sshfollowed by
chmod 700 .ssh
~/.ssh/authorized_keyswhich should be an empty file. If it does not exist, create it
access.engr.oregonstate.edupaste the copied public key and save the changes
chmod 600 ~/.ssh/authorized_keys
flipand click Save
SFTPfor the Protocol and enter the Host as
Key file, enter your username for User, and then browse to the location of your `id_rsa.ppk' file.
ssh-keygen -t rsa
enter. Then hit
entertwo more times to skip creating a passcode
ssh-copy-id -i email@example.com. This will publish your public key to the engineering servers.
1to send a push to your Mobile Duo app
ssh access.engr.oregonstate.eduat the terminal command line prompt. If successful, you will connect without having to enter a password or do two-factor authentication!
Dreamweaver does not like the the SSH Key format generated by the latest version of OpenSSH and the ssh-keygen untility. If you are running a recent version of macOS, including Mojave. You will need to "downgrade" your
id_rsa file using the folloing command in the Terminal app:
ssh-keygen -p -m PEM -f ~/.ssh/id_rsa
Now continue to set up Dreamweaver:
Configure as seen below, navigating to the ssh key file at
[yourUserName] is YOUR mac login name)
login as:" prompt.
drwx------) and the .ssh/authorized_keys file permission is