This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Multi-factor authentication in Security Analytics

Go to solution
TomiReiman
Beginner
Beginner

‎2016-07-18 06:05 AM

Is is possible to use or does someone have experience with using multi-factor authentication other than SecurID in Security Analytics? For example, is it possible to configure Google Authenticator at CentOS-level and use that PAM authentication for GUI authentication as well?

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
MohamedEssam
Beginner
Beginner

‎2016-07-18 06:40 AM

Hi Tomi Reiman;

 

 

it is currently not supported according to our online documentation and latest SA version 10.6

link below

 

Configure PAM Login Capability - RSA Security Analytics Documentation

 

 

But you can use SA server as centos linux 6 and try this guide at your own risk

 

https://www.vultr.com/docs/how-to-setup-two-factor-authentication-for-ssh-on-centos-6-using-google-authenticator

 

but in this case you would add pam_google_authenticator.so under /etc/pam.d/securityanalytics

you can map it like securid example in first link

 

own risk mean we don't support this operation but I sent it as workaround if you want to try it in test environment

hopefully it might help you

 

Make sure to have physical access in case you use it for ssh

 

Best Regards

Mohamed Essam

View solution in original post

4 REPLIES 4

Go to solution
AkramHamed
Frequent Contributor Frequent Contributor
Frequent Contributor

‎2016-07-18 06:37 AM

Hello,

 

Configuring 2 factor authentication is yet not supported for GUI.

 

However, you can configure the Centos level ssh/scp pam modules for 2 factor authentication using the RSA Authentication Manager "key fobs", check below url

Authentication Agents for PAM

 

 

About the Google Authenticator server/app, you should know first that this is not supported. that being said, at your own risk, you can follow the below guide for a complete tutorial to how to set this up. I strongly recommend that you try this in a test environment first.

 

Please refer to the linux foundation blog post

Securing SSH with two factor authentication using Google Authenticator | Linux.com | The source for Linux information

 

Thanks,

Akram

Go to solution
MohamedEssam
Beginner
Beginner

‎2016-07-18 06:40 AM

Hi Tomi Reiman;

 

 

it is currently not supported according to our online documentation and latest SA version 10.6

link below

 

Configure PAM Login Capability - RSA Security Analytics Documentation

 

 

But you can use SA server as centos linux 6 and try this guide at your own risk

 

https://www.vultr.com/docs/how-to-setup-two-factor-authentication-for-ssh-on-centos-6-using-google-authenticator

 

but in this case you would add pam_google_authenticator.so under /etc/pam.d/securityanalytics

you can map it like securid example in first link

 

own risk mean we don't support this operation but I sent it as workaround if you want to try it in test environment

hopefully it might help you

 

Make sure to have physical access in case you use it for ssh

 

Best Regards

Mohamed Essam

Go to solution
TomiReiman
Beginner
Beginner

‎2016-07-18 10:05 AM

Thank you for the responses. You mentioned that MFA is not yet supported for the GUI. Is such a feature being developed and when might we expect it to hit an official release? MFA is something that we are currently running into in many cases.

0 Likes

Go to solution
MohamedEssam
Beginner
Beginner

‎2016-07-18 03:26 PM

Hi Tomi;

 

Currently no but you can open an request for enhancement support case to ask for this feature so it can be

taken into consideration but it is not guarantee that it will be implemented

 

Best Regards

Mohamed Essam

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.