| These are much more sensible that the OP's solution. Just to be clear to anyone reading, because it's not really explained: * OP double-protects the SSH key. It means you need the key's passphrase and another factor (Google authenticator) to decrypt the ssh key. Then the ssh key is used to auth with the server. => the authentication with the server is still one factor auth, compromising the key at any level still grants access. => obligatory analogy: OP did like that: put your car key in a box that also has a key. Attacker just need a copy of the key in the box to open the door (granted that he won't use any physical attack on the door :p) => 2 (or more) factor authentication should always be used on the component that does the final authentication. * People using ForceCommand apply the 2 factor at the last step of authentication, that is, once the ssh key authenticated you correctly, you still need to authenticate to something else before being given access. => obligatory analogy: now you have a key and a cellphone. you turn the key in the car and the door doesn't fully unlock. you gotta enter a code given by the cellphone before it actually opens. if the attacker get a copy of your key, it's not enough. if the attacker gets a copy of your phone's passcode (even thus it changes each time), its not enough. |
This is not correct. You can't decrypt a key with a one time password.
The OP is requiring a the second factor(the OTP) after the key is sent to the server and authenticated.