Before starting
There is one thing you must know about adding two-factor authentication: Once you've set it up, without the third-party generated codes, you will not be able to gain access to your account. Every time you want to log in, you will need either your smartphone or the emergency codes (generated upon installation of the necessary tools).
What you’ll need
- You will need to already have an account on Cerberus (if you do not please stop reading now and go to https://hpc.gwu.edu/getting-access/).
- You will also need a third-party application - the University’s preferred app is Microsoft authenticator app but there are others such as Authy and Google Authenticator that you can use to generate your two-factor codes.
Configuration
- Log into Cerberus
- Run the command google-authenticator to generate the QR code to scan for the Microsoft (or other) Authenticator App
- You will want to answer ‘yes’ or ‘y’ to all the questions.
- Answering yes to the 1st question generates a QR scan code and secret key
- Also a verification code is created along with 5 emergency scratch codes.
- Each can be used only once.
- You’ll want to save these in a safe
- If you want to use the Microsoft App then you'll need to use the QR scan code provided
- Once enabled it generates verification codes (every 30 seconds).
- Make sure to keep both safe and hidden.
Click the ‘+’ sign on the top right of the 1st screen in the Microsoft Authenticator app then click the "Other (Google, Facebook, etc.)
Next is the QR scan code screen which scans automatically on the iPhone or you can enter in your account and secret key manually on the iPhone
The other questions are self explanatory; just answer ‘yes’ or ‘y’ and hit enter.
Example Set-up:
Logging in
Before you log out of your current working terminal window, we highly suggest you open a new window and attempt to secure shell (ssh) into the machine. If you cannot log in, go back through the steps, and make sure you didn't miss anything. Once you've successfully logged in that way, it's safe to logout of your current session and log back in.
