Ukusetshenziswa kwe ukuqinisekiswa okuyizinyathelo ezimbili kuyanda njengoba isikhathi sihamba, futhi ingabe leyo ukuphepha Ngokusobala iba yindaba ebaluleke kakhulu kumakhompyutha ethu ngoba inani lemininingwane esiligcina kuwo landa inyanga nenyanga, ngokulingana nesikhathi esichitha kuwo wonke amadivayisi ethu. Futhi yize abaningi becabanga ukuthi iphasiwedi enhle ibasindisa enkingeni, lokhu kuyiqiniso kuphela, ngoba ebusweni bokungenayo okwenziwa ngabaduni ezindaweni eziningi, kuncane futhi akukho okungenziwa uma igama lethu elingukhiye lokungena litholakele.
Ake sibone lapho, ungangeza kanjani ukuqinisekiswa okuzinyathelo ezimbili ku-SSH, okuthile okuzosivumela nikeza ukufinyelela okukude okuphephile kumaseva ethu, kithina nakwalabo abangena kuma-akhawunti abo, ukuze kuqinisekiswe ukuphepha okungaguquguquki. Kulabo abangayazi ngokuphelele le ndlela, yithi iqukethe sebenzisa iphasiwedi bese ikhodi ethunyelwa ngomzila ohlukile (ngokwesibonelo, kuselula yethu) ukuze ngokuhamba kwesikhathi singene kuyo futhi ekugcineni sikwazi ukufinyelela kuma-akhawunti ethu.
Indlela elula yokwengeza ukuqinisekiswa okuyizinyathelo ezimbili nge-Google Athenticator, ithuluzi inkampani yaseMountain View elisungule lezi zinhloso futhi elisuselwa emazingeni avulekile afana ne-HMAP futhi liyatholakala kuzingxenyekazi ezahlukahlukene, iLinux phakathi kwazo. Kepha futhi, njengoba kunamamojula we-PAM waleli thuluzi, singakwazi uyihlanganise nezinye izixazululo zokuphepha njenge-OpenSSH, ngakho-ke yilokhu kanye esizokubona ngokulandelayo.
Akunasidingo sokusho, sizodinga ikhompyutha eneLinux ne-OpenSSH esivele ifakiwe, okuthile esikwenza ku-Ubuntu ngokulandelayo:
sudo apt-get ukufaka i-opensh-server
Ngemuva kwalokho, ukuthola isisombululo seselula sizosuselwa ku-Android ngakho-ke sizodinga ithebhulethi noma i-smartphone ngohlelo lokusebenza lweGoogle, lapho sizofaka khona ithuluzi leGoogle njengoba sizobona ngokuhamba kwesikhathi. Manje sesikulungele ukuqala inqubo.
Okokuqala, kufanele faka isiqinisekisi seGoogle, okuthile esimweni soBuntu kulula njengokusebenzisa okulandelayo kukhonsoli:
sudo apt-get ukufaka libpam-google-authenticator
Uma kukhonjiswa iphutha lapho sixwayiswa khona ngokushoda kwefayela ezokuphepha / pam_appl.h, singayixazulula ngokufaka iphakheji ye-libpam0g-dev:
sudo apt-get ukufaka libpam0g-dev
Manje njengoba isiQinisekisi se-Google sisebenza, singakhiqiza ukhiye wokuqinisekisa ngokwenza:
i-google-authenticator
Ngemuva kokwenza kanjalo sizobona a Ikhodi ye-QR kanye nokhiye wokuphepha ngaphansi kwayo (eceleni kombhalo othi 'Ukhiye wakho omusha oyimfihlo uthi: xxxx', ngaphezu kokhiye wokuqinisekisa namakhodi okuphuthumayo, esiwasebenzisayo uma kwenzeka singenayo i- Idivayisi ye-Android. Siphendula imibuzo ebuzwayo mayelana nokumiswa kweseva, futhi uma singaqiniseki kakhulu ukuthi singaphendula ngoyebo kubo bonke njengoba ukumiswa okuzenzakalelayo kuphephile.
Manje kufika isikhathi setha isiqinisekisi seGoogle ku-Android, esilanda isicelo ku-Google Play Isitolo. Lapho sikwenza, siyabona ukuthi sivunyelwe ukukhetha phakathi kokufaka ibhakhodi noma ukufaka iphasiwedi, esingasebenzisa kuyo ikhodi ye-QR esiyibonayo lapho silungisa leli thuluzi kuseva, noma ukufaka iphasiwedi enezinhlamvu. Okokugcina sikhetha inketho 'ssh ukuqinisekiswa' bese sibhala ikhodi.
Ngemuva kwalokho sizobona isikrini sokuqinisekisa, lapho sichazelwa khona ukuthi inqubo iphumelele nokuthi kusuka kulowo mzuzu kuqhubeke sizokwazi thola amakhodi wokungena ngemvume kulolo hlelo lokusebenza, ngakho-ke manje sizobona isinyathelo sokugcina, okuwukusebenzisa i-Google Authenticator kuseva ye-SSH. Sikhipha:
sudo gedit /etc/pam.d/sshd
futhi sengeza umugqa olandelayo:
i-auth iyadingeka pam_google_authenticator.so
Manje:
Isudo gedit / etc / ssh / sshd_config
Sibheka inketho I-ChallengeResponseUkufakazela ubuqiniso futhi sishintsha inani lalo libe ngu 'yebo'.
Ekugcineni siqala kabusha iseva ye-SSH:
Sudo service ssh qala kabusha
Sikulungele, futhi kusukela manje singakwazi ngena ngemvume kuseva ye-SSH ngokuqinisekiswa okuyizinyathelo ezimbili, esenza inqubo ejwayelekile kepha sizobona ukuthi ngaphambi kokufaka iphasiwedi yethu sicelwa ikhodi yokuqinisekisa; bese sisebenzisa uhlelo lokusebenza ku-Android futhi lapho sibona ikhodi yokuphepha siyifaka kukhompyutha (sinemizuzwana engama-30 yalokhu, ngemuva kwalokho kwenziwa ukhiye omusha) bese sicela ukuthi sifake ukhiye wethu we-SSH impilo yonke.