Use TOTP
Learn how to use any rfc6238 compliant token generator, e.g. Google or Microsoft authenticator
To change between the different two-factor-authentication methods, you must open the configuration file locate on your rport server at /etc/rport/rportd.conf
with a text editor.
Scroll down and look for the examples of TOTP. Remove the comment (hash) signs so your configuration looks like the sample below:
👉 Very likely, you will have some other 2fa default method enabled. You must disable it. Look for the line two_fa_token_delivery = 'smtp'
or two_fa_token_delivery = '/usr/local/bin/2fa-sender.sh'
. Put a comment (hash sign) at the beginning of the line to disable it.
After having done the changes, restart the rport server by executing systemctl restart rportd
.
Now open the user interface in your browser and login in with username and password. You will be prompted to scan the QR code with your authenticator app, or you can copy the secret to your desktop app. The secret is displayed just once.
From now on, you must always enter your username, the password and a token generated by the authenticator app.
Last updated