Why You Might Not Want to Enable Time Based 2FA on a Remote SSH Server

This might seem to go against best principles in server management and protection, but if you’ve ever had a server’s time go haywire or lost your phone, you’ll understand the risks you subject yourself and your company to by enabling time-based 2FA on a remote server without a recovery plan in place. These situations do occur. One of the first VPSs I launched did just that. I suspended it for the weekend, and when I started it back up some days later the hardware clock had stopped ticking and I couldn’t log into any applications that had time-based 2FA enabled. Thankfully I hadn’t enforced 2FA on the SSH server and was able to correct the date and time, no problem, but it was a wake-up call. The risk of self-not-so-ransomware is real, although rare and not often considered. We are so used to the “Lost Password” feature on websites that we forget that locking ourselves out of our accounts, even our critical accounts, is a possibility.
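Why a stopped server clock produces the lockout described above, as an added example (not code from the original article): a minimal RFC 6238 TOTP check in Python in which the phone's clock is correct and the server's clock lags behind. The 30-second step, the acceptance window of one step either side, the secret and the timestamps are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default; assumed here)


def totp(secret: bytes, unix_time: float, digits: int = 6) -> str:
    """RFC 6238 TOTP using HMAC-SHA1 and RFC 4226 dynamic truncation."""
    counter = int(unix_time // STEP)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def server_accepts(secret: bytes, code: str, server_time: float,
                   window: int = 1) -> bool:
    """Accept a code only if it matches a step within `window` steps of the
    server's own clock. The server never sees the phone's clock."""
    return any(
        hmac.compare_digest(totp(secret, server_time + i * STEP), code)
        for i in range(-window, window + 1)
    )


def login_outcomes(secret: bytes, real_time: float, lags) -> dict:
    """The phone's clock is correct; the server's clock is `lag` seconds behind."""
    code = totp(secret, real_time)
    return {lag: server_accepts(secret, code, real_time - lag) for lag in lags}


# Constructed sample values: the RFC 6238 test secret and one of its test times.
SECRET = b"12345678901234567890"
NOW = 1111111109
LAGS = [0, 20, 90, 3 * 86400]  # in sync, slight drift, 90 s behind, 3 days behind

if __name__ == "__main__":
    for lag, ok in login_outcomes(SECRET, NOW, LAGS).items():
        print(f"server clock {lag:>6} s behind: {'accepted' if ok else 'REJECTED'}")
```

A lag of a few seconds is absorbed by the window, while a clock that stopped for days rejects every valid code until the server's time is corrected.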

I am not saying you shouldn’t enable time-based 2FA on remote SSH servers; just stay safe and keep a recovery plan. See other articles I’ve written on this subject below:

Setup 2FA on an SSH Server with Recovery in Mind

How to Enable Google Time Based 2FA on a SSH Server (COMING SOON).

Walter Miely is a tech entrepreneur and CEO of Phoenix Ignited Tech. You can find him on LinkedIn. This material is licensed under the CC BY 4.0 License.

LEGAL DISCLAIMER: The content provided here is provided AS IS, and part of, or the entirety of, this content may be incorrect. Please read the entire Legal Disclaimer here.