SSH Password + 2FA/TOTP/OTP #751

Open
SalehAlolayan opened this issue Jan 8, 2021 · 3 comments

SalehAlolayan commented Jan 8, 2021

Is your feature request related to a problem? Please describe.

Dear Sir,

First, I would like to thank you for your fork; it's amazing.
I'm facing an issue with TOTP and passwords in SSH, where I have saved the username and password in the connection profile; however, when I connect it prompts for the verification code (OTP) but somehow it's not working. I have tried to play around in the app and on the VM itself, but with no luck. I have even tried the solution in the wiki, but it's not working; I have to delete the password from the profile, then it will work: when it connects it will ask for the password, then the verification code.

Describe the solution you'd like
I was wondering if it's possible to have a pop-up that asks the user for the OTP and then connects, for example:

  • The user will enter the username and password in the profile and save it.
  • He/she will click on the connection to start a session.
  • Before connecting, the app will ask for the OTP and it will pass it when it sees: " Verification code: ", or even better, the user can choose in the profile editor what it should look for before the pop-up for the OTP, so it will be easy to fit all OTPs, and so on.

Deeply appreciate your time and efforts.
I'm using Debian; I would be happy to test .deb files if you need help in the testing "during the weekend I can test them ;)". It will be a great add-on, since no other Linux SSH managers can do the OTP part.

Contributor

gfrenoy commented Jan 9, 2021

Thanks for your positive feedback :)

For sure we have to do something to support MFA properly.

To correctly understand your issue, can you describe what you mean by "when i connect it prompt for the verification code(OTP) but some how its not working"?

I would suspect it's a problem with the "Command Prompt"; did you try to add `|Verification code:` to it? If you are still using the default, it should then be `[#%\$>]|\:\/\s*|Verification code:$`.

And if you can provide some environment where I can test this out, that'd be easier to troubleshoot this further.
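
An added example, not part of the thread or the project's code: it runs the pattern quoted above through Python's `re` against constructed terminal output, to show that `$` anchors only the last alternative and that a prompt ending in a space after the colon does not match it. `TOLERANT_PATTERN`, `first_match` and `prompt_kind` are hypothetical names, and the example assumes the application searches the received output with the pattern the way an expect-style matcher would.

```python
import re

# Pattern exactly as quoted in the comment above.
PAGE_PATTERN = r"[#%\$>]|\:\/\s*|Verification code:$"
# Hypothetical variant (an assumption of this example, not a project default):
# allow whitespace between the colon and the end of the received text.
TOLERANT_PATTERN = r"[#%\$>]|\:\/\s*|Verification code:\s*$"

# Constructed samples of what a client might have received so far.
OTP_PROMPT = "Password: \nVerification code: "          # prompt ends with a space
BANNER = "Maintenance window -> 22:00 UTC\nPassword: "  # '>' appears in a banner
SHELL = "Last login: Sat Jan  9 10:00:00 2021\n[user@centos8 ~]$ "


def first_match(pattern, received):
    """Return the substring the pattern matches in the received text, or None."""
    m = re.search(pattern, received)
    return m.group(0) if m else None


def prompt_kind(received):
    """Classify only the last line received, so a saved secret is released
    to the prompt it belongs to and to nothing else."""
    lines = received.rstrip("\r\n").splitlines()
    tail = lines[-1] if lines else ""
    if re.search(r"Verification code:\s*$", tail):
        return "otp"
    if re.search(r"[Pp]assword:\s*$", tail):
        return "password"
    if re.search(r"[#%$>]\s*$", tail):
        return "shell"
    return "unknown"


if __name__ == "__main__":
    for name, text in [("otp", OTP_PROMPT), ("banner", BANNER), ("shell", SHELL)]:
        print(name, repr(first_match(PAGE_PATTERN, text)),
              repr(first_match(TOLERANT_PATTERN, text)), prompt_kind(text))
```

With the quoted pattern, the constructed OTP prompt goes unrecognised because of the trailing space, while the `>` in the banner counts as a prompt before any shell exists. Classifying the last line by kind keeps a saved password from being typed at a verification-code prompt.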

Author

SalehAlolayan commented Jan 9, 2021

Dear Gfrenoy,
Good day,

I meant, I have followed the 2FA guide in the wiki and put the username and passwd, then switched to manual and clicked connect, and it passes the username and passwd and it's waiting for the verification code; however, when I entered the code it's visible where it shouldn't be, and after a while it disconnects because I didn't enter the verification code even though I did (I hope it's clear now). Even after the regex change you proposed, still the same behaviour.

As per the environment, it's a CentOS 8 VM with Google Authenticator installed. To have a clone environment:

  • set up the CentOS VM (in my case headless)
  • install google authen
    run the following commands:

```
# generate the secret; this path must match secret= in /etc/pam.d/sshd below
google-authenticator -s ~/.ssh/google_authenticator
# answers to the interactive prompts, in order: y, y, n, y

sudo vim /etc/pam.d/sshd
# add the line below to the end
auth required pam_google_authenticator.so secret=/home/${USER}/.ssh/google_authenticator

sudo vim /etc/ssh/sshd_config
# change this line to yes
ChallengeResponseAuthentication yes

sudo systemctl restart sshd

# restore the SELinux context on the directory holding the secret
restorecon -Rv ~/.ssh/
```

If you face any issue, I have used the guide below:
https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-centos-8

Contributor

gfrenoy commented Jan 23, 2021

Unfortunately, not much time to set up this kind of environment for myself. Any machine I can connect to? Don't even have to have access to the machine, just need to be able to try from any remote location... I can provide my IP address if you need to open some firewall. Check on our IRC channel to get in touch. Thanks.

gfrenoy added the bug label Jan 23, 2021