File Manager When 2fa SSH active

Thering1975 · July 30, 2023, 8:31am

Hi

Not a bug just a comment but thought i would drop this here for anyone else (and myself when i forget in a year)

Im adding additional layers of security pn my servers at the moment, of which i have started adding Google 2fa to SSH logins. This works a treat as an extra deterrent, but then i noticed HestiaCP file manager could no longer access the files.

As such i had to add the following lines at the bottom of the sshd config under the existing hestia entries so requests by certain users do not require 2fa:

# Hestia SFTP Chroot
Match User sftp_dummy99,admin,YOURHESTIAUSERNAMES
    PasswordAuthentication no
    AuthenticationMethods publickey

Now all requests by the above users can access as normal and all other server level users require 2fa authentication to ssh in

eris · July 30, 2023, 9:01am

Please not in this case you would be able to use Password authentication any more if you would like to use sftp…

Personally I don’t care about it because I had passwords anyway…

Thering1975 · July 30, 2023, 9:23am

Yes that is correct i cannot ftp due to 2fa which is obvious side effect, but then thats what your file manager is for, so i do not have to use sftp externally for the rare time i need it. So best of both worlds