Controls/gitea-pages
0
2
Fork 0
Code Pull Requests Actions Activity

add documentation on how to enable MFA

Browse Source
This commit is contained in:
ebner
2024-12-11 10:30:12 +01:00
parent d8e2bd8fa2
commit 12cda127b3
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_toc.yml
+1
View File
@@ -67,6 +67,7 @@ chapters:
- file: admin-guide/configuration/access/eaccounts
- file: admin-guide/configuration/access/sshd_configuration
- file: admin-guide/configuration/access/ssh_host_hopping
- file: admin-guide/configuration/access/mfa
- file: admin-guide/configuration/software
sections:
- file: admin-guide/configuration/software/packages
admin-guide/configuration/access/mfa.md
+13
View File
@@ -0,0 +1,13 @@
# MFA - Multi Factor Authentication
MFA can be enabled on any standard system with following configuration:
```yaml
aaa::radius_auth: true
aaa::radius_shared_secret: ENC[PKCS7,MIIBuQYJK...9Z82qA==]
aaa::radius_servers: [ 'nps01.psi.ch', 'nps02.psi.ch' ]
aaa::radius_timeout: 60
```
Prerequisite for this is, that your server can reach the RADIUS servers (in the example nps01.psi.ch and nps02.psi.ch) and that you received a shared secret from the RADIUS admin.
(at the time of writing the RADIUS server are supported by group 9521)