Setting Up a Quick Nginx Page and Google Auth for 2FA on Centos 7 - blake-anderson/SEC-440 GitHub Wiki

Add a new sudo user-

adduser blake passwd blake usermod -aG wheel blake

Nginx-

yum install nginx

Move all files in /usr/share/nginx/html to a different folder, or delete

Create a new html page in that directory, restart nginx

Google authenticator

Do this in a SSH session so you can get the QR code!

yum install google-authenticator

google-authenticator (say yes to everything by default, make sure to run as user you made, not root!)

sudo nano /etc/pam.d/sshd

Add the following line to EOF-

auth required pam_google_authenticator.so

sudo nano /etc/ssh/sshd_config

comment out line- ChallengeResponseAuthentication no

uncomment line- ChallengeResponseAuthentication yes

To disable root change the following line-

PermitRootLogin no

sudo systemctl restart sshd.service

Next time you login via ssh, there will be 2fa!