Skip Google Authenticator Authentication if Logging in from the Local Network
You may trust systems on you local network enough not not require that SSH connections from them use Google Authenticator. If so, modify
/etc/pam.d/sshd
so that it looks like this:auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf
auth required pam_google_authenticator.so
Then add the file
/etc/security/access-local.conf
with the contents:# Google Authenticator can be skipped on local network
+ : ALL : 192.168.0.0/24
+ : ALL : LOCAL
- : ALL : ALL
0 comments:
Post a Comment