Secure SSH access using Azure Multi-Factor Authentication

From Azure MFA server,

Enable RADIUS authentication -> Add IP address for SSH server(ex, Linux server IP)

Target tab -> Windows domain radio button : Windows Domain Authentication is configured(For testing)

Now click the Users icon in the left side menu in the Agent Server

A user “user1” has been imported from Active Directory

Go to the Linux box you will be connecting to via SSH

NOTE: In this example we are running Ubuntu, 

Refer to the link below “SSH Authentication Using Hosted RADIUS

In this example, 

root@th-ubuntu:/# cat /etc/raddb/server radius 60

Testing Authentication, phone rings upon entering password.

% To enable or disable MFA authentication, open /etc/pam.d/sshd and comment or uncomment “auth required”

% Authentication log,

root@th-ubuntu:/etc/pam.d/pam_radius-1.3.17# cat /var/log/auth.log

Comments (0)

Skip to main content