Comments on How to configure sudo for two-factor authentication using pam-radius on Ubuntu and CentOS

Attackers frequently use lost, stolen, weak or default credentials to escalate their privileges after they have infiltrated your network. While two-factor authentication can greatly reduce infiltration, there are other means of gaining entry such as malware. This tutorial shows how to add radius to sudo for Centos 7 and Ubuntu 14.04 for two-factor authentication with the WiKID Strong Authentication server.

3 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: External Gorge
Reply  

This setup requires local account to be presented on the Linux box. Is it possible to eliminate the need of local accounts?

By: nowen
Reply  

Interesting point.  Something like this? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sssd-ldap-sudo.html?

By: DaveGlasses
Reply  

Can this be used in conjunction with pam_tally2 to lock accounts after failed attempts?

 

Thanks