2FA for Webconfig
Before you consider using this app, be sure that outbound port 25 is open on your Internet connection. If not, you will not be able to receive the email as it is sent from your ClearOS installation. To test if your outbound port 25 is open, execute 'telnet example.com 25' on command line. If you receive a connection error or no response, outbound port 25 is blocked. You'll need to contact your ISP to open that port as ClearOS is not reponsible for this problem.
It is very important to use a very strong password to prevent unauthorized access to your ClearOS installation (if not everything you use that connects to the Internet). 2 Factor Authentication adds another layer of security by requiring another way to identify you as an authorized user. Keep in mind that this feature only protects Webconfig.
If you did not select this module to be included during the installation process, you must first install the module from the Marketplace.
To install this module from command line, execute the following:
yum install app-two-factor-auth
You can find this feature in the menu system at the following location:
System|Accounts|2FA for Webconfig
The settings for 'Verification Code Size', 'Verification Code Expiration', and 'Token Expiration' apply to all users.
'2FA for Superuser (root) Account': Enable or disable 2 Factor Authentication for 'root' account access to Webconfig.
'Superuser E-mail': This is the email address that the 2 Factor Authentication code will be sent to.
'Verification Code Size': This is the length of the code. You can choose between 3 and 16. 6 is the default and recommended size.
'Verification Code Expiration': This is the length of time which will trigger the need for another email (with a different code) to be sent to the email on file.
'Token Expiration': This is the length of time which will trigger the requirement to login again using the root credentials.
You can enable 2 Factor Authentication for any user through this app or through the Users module (System > Accounts > Users).
After User Authentication on Webconfig
Once you authenicate using your username and password, this screen will appear and require you to enter the correct code sent to you via email.
If you believe it's been longer than the time you've set as 'Verification Code Expiration' and the code emailed to you no longer works, click 'Resend Code'. Recheck your email for the new code.