{"id":917,"date":"2013-12-14T13:17:08","date_gmt":"2013-12-14T18:17:08","guid":{"rendered":"http:\/\/zitstif.no-ip.org\/?p=917"},"modified":"2014-04-05T21:45:05","modified_gmt":"2014-04-06T02:45:05","slug":"getting-authy-ssh-to-work-or-at-least-what-worked-for-me","status":"publish","type":"post","link":"http:\/\/zitstif.no-ip.org\/?p=917","title":{"rendered":"Getting authy-ssh to work (or at least what worked for me)"},"content":{"rendered":"<p>This will be a relatively short post. It is my objective for this post to be useful for other individuals who are having issues setting up authy-ssh on their Secure Shell servers. First, if you&#8217;re not familiar with two-step verification, have a look at this:<\/p>\n<p><a title=\"https:\/\/en.wikipedia.org\/wiki\/Two-step_verification\" href=\"https:\/\/en.wikipedia.org\/wiki\/Two-step_verification\" target=\"_blank\">https:\/\/en.wikipedia.org\/wiki\/Two-step_verification<\/a><\/p>\n<p>I was inspired to install this on one of my SSH servers due to enabling this feature on my Gmail account:<\/p>\n<p><a title=\"http:\/\/googleblog.blogspot.com\/2011\/02\/advanced-sign-in-security-for-your.html\" href=\"http:\/\/googleblog.blogspot.com\/2011\/02\/advanced-sign-in-security-for-your.html\" target=\"_blank\">http:\/\/googleblog.blogspot.com\/2011\/02\/advanced-sign-in-security-for-your.html<\/a><\/p>\n<p>I had heard about authy-ssh a while back through news.ycombinator but had never put the time into setting it up. To set it up you can follow these directions:<br \/>\n<a title=\"https:\/\/www.authy.com\/products\/ssh#installation\" href=\"https:\/\/www.authy.com\/products\/ssh#installation\" target=\"_blank\"><br \/>\nhttps:\/\/www.authy.com\/products\/ssh#installation<\/a><\/p>\n<p>I ran into issues though. My SSH server did not possess &#8216;seq&#8217; and I received error messages from the authy-ssh script that were not very clear. I then dug into the authy-ssh shell script and discovered that it heavily depended on &#8216;curl&#8217; connecting to Authy&#8217;s web servers over https. &#8216;curl&#8217; would give me SSL certificate errors and I&#8217;m highly confident this is an issue with &#8216;curl&#8217; on my server and not Authy&#8217;s SSL certificates. To bypass this issue in the authy-ssh script at lines 398, 482, 497, 533, and 605 you will need to add on the &#8216;-k&#8217; flag to &#8216;curl&#8217; to ignore the SSL certificate errors. I will warn you that this is NOT very secure but if you need authy to work, this should work.<\/p>\n<p>In addition to this, you may want to run this shell script as well:<\/p>\n<p><a title=\"http:\/\/zitstif.no-ip.org\/authyfix.txt\" href=\"http:\/\/zitstif.no-ip.org\/authyfix.txt\" target=\"_blank\">http:\/\/zitstif.no-ip.org\/authyfix.txt<\/a><\/p>\n<p>The authy-ssh bash shell script does a check to see if bash exists or if seq exists. If you&#8217;re on an OSX system, the OSX equivalent of &#8216;seq&#8217; is &#8216;jot&#8217;. The equivalent of &#8216;seq 10&#8217; with &#8216;jot&#8217; is &#8216;jot &#8211; 1 10&#8217;.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This will be a relatively short post. It is my objective for this post to be useful for other individuals who are having issues setting up authy-ssh on their Secure Shell servers. First, if you&#8217;re not familiar with two-step verification, have a look at this: https:\/\/en.wikipedia.org\/wiki\/Two-step_verification I was inspired to install this on one of &hellip; <a href=\"http:\/\/zitstif.no-ip.org\/?p=917\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Getting authy-ssh to work (or at least what worked for me)<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[682,677,95,679,681,680,528,49,678],"class_list":["post-917","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-authy","tag-authy-ssh","tag-bash","tag-jot","tag-more-secure-ssh","tag-seq","tag-shell-script","tag-ssh","tag-two-factor"],"_links":{"self":[{"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/posts\/917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=917"}],"version-history":[{"count":10,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/posts\/917\/revisions"}],"predecessor-version":[{"id":926,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=\/wp\/v2\/posts\/917\/revisions\/926"}],"wp:attachment":[{"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=917"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/zitstif.no-ip.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}