mina-sshd icon indicating copy to clipboard operation
mina-sshd copied to clipboard

Published 20 hours ago verified publisher icon apache

Add Support for Multi-Factor Authentication

Open fherbreteau opened this issue 1 year ago • 1 comments

Description

Mina SSH Server should have a way to handle multi-factor authentication using a generic mecanism that will be implemented as need (Google Auth, Authy, ...)

Motivation

This improvement can also improve security as required in some companies which require a private key and a security code.

Alternatives considered

No response

Additional context

No response

fherbreteau avatar Nov 14 '23 09:11 fherbreteau

Support for PKCS11 hardware security modules is not implemented in Apache MINA sshd, but could be added via the SunPKCS11 security provider. JGit did so.

Support for FIDO keys (sk_* keys) would be similar, but as there is no standard access library in Java, one would have to write one first, possibly using JNA.

tomaswolf avatar Dec 10 '23 20:12 tomaswolf