one time passwords for ssh logins

this is very easy on nixos:

1. change your pam/ssh configuration
     security.pam.enableOTPW = true;
     services.openssh = {
       enable = true;
       ports = [ 20202 ];
       gatewayPorts = "yes";
       passwordAuthentication=false;
       permitRootLogin = "yes";
     };
     $ nixos-rebild switch
2. generate passwords:
     $ otpw-gen > ~/temporary_password.txt
3. print the temporary_password.txt list and take it with you


documentation

Powered by MediaWiki