Two-Factor Authentication for LINUX SSH

Before learning the two-factor authentication for Linux SSH, let’s have a small overview of Linux. Linux servers are one of the widest and most popular servers used by the organizations across the world. They constitute about 67% of all the public facing servers. They are one of the best and most efficient servers that can carry out the large volumes of web processes and transactions at a very low downtime.

Linux servers are highly reliable and scalable. They use SSH protocol to ensure secure login or access to remote servers. However, SSH involves the usage of the password, and a solely password-based authentication invites security threats and breaches. Passwords these days are no longer secure, for they can be hacked, cracked, or stolen using multiple methods.

Since Linux servers process large amounts of data that is mostly confidential, e.g. financial data, they are a large and favourable target to hackers and attackers. Protecting SSH logins merely with passwords may put your or an organization’s data at risk.

FairWare Ransomware targeting LINUX computers
FairWare Ransomware targeting LINUX computers

Click SSH security to read and learn more about the Linux SSH.

Why Two-Factor Authentication for LINUX SSH?

SSH or Secure Shell is a protocol that enables a user to log-in and access remotely located systems & servers securely, over an unsecured network. SSH itself not only encrypts the remote sessions but also delivers better authentication using cryptographic keys- a public key and private key.

As such, the combination of password and the cryptographic keys may seem to be a viable and stronger authentication option but it’s not, and the reason could be any of the following:

  • Cryptographic key (private key) may not be password protected and could be easily stolen.
  • Use of a simple password by the user in encrypting & protecting the private key.
  • System or device where the user has saved or stored the private key may be vulnerable to theft.

As discussed above, passwords are no longer effective to keep your servers protected from intrusion or other types of different security breaches. In addition, the introduction of concepts like BYOD (Bring Your Own Device) have brought more risk to the Linux servers by granting privilege to employees in accessing organization’s network, server and data using their personal devices like laptops, tablets and smartphones, which may be used as a gateway by attackers because of their comparably lower security levels in comparison to a server.

Two-Factor Authentication: Improving LINUX SSH security

Adopting and implementing two-factor authentication in Linux SSH enforces the server to double-check the authenticity of a user. With 2FA, user’s identity is verified and validated, using “what the user knows” and “what the user has”.

Two Factor Authentication for LINUX SSH
Two Factor Authentication for LINUX SSH

What does a user knows, is username and password.

What a user may have, is security token/code.

2FA places token-based authentication as a secure doorway between a user and the protected server. Anyone can knock on it but only the authorized user can open this door with a secret code.

Is it beneficial to secure all servers using 2FA?

Implementing 2FA protection has always proven to be beneficial irrespective of individual or organizational needs. 2FA may be implemented across all servers present within an organization, but that may create complexity in managing, accessing, and using those servers.

It is pertinent to mention that most servers are already protected and secured by the different types of versatile network security tools, such as firewalls and VPNs. However, all these network security methods may avoid and prevent intrusion only within the organization’s network boundaries.

Public-facing servers (usually very few) can be accessed and explored by any user remotely, over a maybe unsecured network, using SSH outside the organization’s secured network. As such these public-facing servers are most prone to intrusion & data-theft and require utmost protection. Thus, implementation of 2FA may be restricted to public facing servers only.

In conclusion, it may be stated that servers are meant for storing and executing large amount of business & organizational data. Therefore, expecting fullest protection of servers merely with a password is not less than a fool’s paradise. Two-factor authentication is one of the easiest and most convenient ways to ensure guaranteed and multi-layered protection to Linux servers.

Why Two Factor Authentication is Utmost Priority for Government Institutions?

In present era of digitization, the government institutions are adopting the latest technological standards and converting their services online for making the access easier to the users. These institutions have websites, servers and highly sensitive data available in the cloud for simplifying the access. Security of these digital assets is must, as hacking incidents have become too common over the past few years. So, incorporating an additional protection layer is the key to a better digital security.

Two Factor Authentication seems a powerful solution for protecting confidential data and other digital assets of government institutions against frequently increasing security threats over the Internet. As per a research, the global Two Factor Authentication market to grow steadily at a CAGR (Compound Annual Growth Rate) of around 24 percent by the year 2021. The rise in the volume of online transactions is the major drive to this increased market growth.


Security challenges and needs of the public sector (Government Institutions)

Government organizations are a likely target for cyberattacks due to the vast amount of information; including financial data, they gather and share about the market or businesses. The U.S. Federal government, being the largest employer in the country, maintains a “massive confidential data volume” on its employees and other constituents – Verizon’s 2014 Data Breach Investigations Report, which looked at security threats in more than 20 industries of different domain. Government entities face various types of security breaches like viruses and other malware, hacking incidents, malicious activities, phishing, DoS (Denial of Service), advanced persistent threats, etc.

The U.S. Federal government is on the top of the list of entities that attackers like to breach. In a report issued in October 2014, The Heritage Foundation, public policy research institute, provided a list of federal government cybersecurity breaches. Most of these breaches occurred during the year 2013 and 2014.

The organizations included in this list have been pointed below:

  • S. Federal Courts
  • Department of Energy
  • Department of Defences
  • Internal Revenue Service
  • Department of Education
  • Central Intelligence Agency
  • Federal Election Commission
  • Nuclear Regulatory Commission
  • Environmental Protection Agency
  • Department of Health and Human Services
  • NASA (National Aeronautics and Space Administration)

Government sector data breaches on rise

An analysis by Rapid7, security risk intelligence solutions provider, has reported that more than 94 million records have been breached over a 3-year period (2009-2012) due to government sector data breaches. These records were containing PII (Personally Identifiable Information). Unintended disclosure, portable devices loss/theft, physical loss, hacking, etc., were some of the leading causes of data breaches in the government sector. Majority of these records; i.e. 86 percent, were breached due to the loss or discarding of endpoint devices.

A few highlights from the report:

  • The highest number of data breaches (102) was in 2010.
  • From the year 2009 to 2010, 50 percent increase was observed in the number of data breaches.
  • The number of PII records increased by 169% from 2010 to 2011, and 138% from 2011 to 2012.

Two factor authentication becoming mandatory for Government sector – here’s why

As per IBM X-Force data, 200 million government records around the world were compromised by July month of the year 2016. This is 60 million more than all the records breached from 2013 to 2015 combined. It shows that the percentage of hacking incidents of the government records is increasing rapidly.

Security Incidents Percentage by Attack Type

  • Physical, 5.71%
  • Phishing, 8.57%
  • Malware, 14.29%
  • Heartbleed, 2.86%
  • SQL Injection, 42.86%
  • Misconfiguration, 25.71%

Major Cybersecurity initiatives in the year 2016

  • 29% Strategy
  • 37% Monitoring
  • 29% Governance
  • 29% Risk Assessments
  • 39% Training and Awareness
  • 29% Operationalizing Cybersecurity
  • 29% Identity and Access Management
  • 29% Metrics to Measure Effectiveness
  • 29% Regulatory and Legislative Compliance

To prevent the increasing number of cyberattacks on the government records globally, Two Factor Authentication has been accepted as a fruitful solution. It is an approach to move beyond password-only verification and use an added level of security in the login process.

Defining this security solution

Two Factor Authentication, commonly known as 2FA or Two Step Verification, is an extra layer of security added to the traditional username and password-based approach of accessing the online accounts or logging in to a server admin panel. 2FA requires two different types of login credentials or authentication factors – password and verification code, to verify whether the user is authentic or not.

Every authentic end user knows his account password (first factor), and the verification code (second factor) having validity of less than a minute is sent to his registered physical device. So, the user must have access to his physical device for a successful login and protection against the exploitation of stolen passwords.

Two Factor Authentication, a type of Multi Factor authentication, requires not only the username and password combination, but also something that only the user has. Hence, it makes difficult for intruders to gain unauthorised access and steal confidential data, thus improving government institutions as well as other sectors digital assets security.

As per a study, MFA (Multi Factor Authentication) market was valued at US $5.22 Billion in the year 2016. It is expected to rise $12.51 Billion by 2022 at a Compound Annual Growth Rate of 15.52 percent.

Authentication factors

Something that only the user knows – knowledge factors

Something that only the user has – possession factors

Something that only the user is – inherence factors

Why this security solution is important?

Standard online security procedures that require just username and passwords to authenticate a user are vulnerable to security breaches. With this simple form of login procedure, it has become increasingly easy for cybercriminals to compromise sensitive personal and financial data. Therefore, it is must to add an extra security layer; i.e. Two Factor Authentication security solution, as relying only on password-based authentication for digital security is not sufficient in today’s online world.

What benefits 2FA solution provide?

  • No Fraudulent Logins
  • Double checks user’s identity
  • Ensures peace of mind for both users and the system administrators
  • Alerts user in the form of a verification code when password gets compromised


Two Factor Authentication is intended to empower government institutions digital assets security by combining a strong password with additional level of security in the login procedure. Implementing Two Factor Authentication will ensure ‘no more unauthorised access to data of the authentic users’.


Two Factor Authentication is Utmost Priority for Government Institutions