Posts

Showing posts with the label Two-Factor

How to get llama 2 up and running , in a VM, with no GPU, and limited memory on Ubuntu

Image
OK I decided to write this up after unsuccessfully being able to find all the required info I needed in one place. In this setup we will be using Ubuntu Server 22.04.2 LTS as the OS. I have this running on a home lab ESXi server 8, on a HP Compaq Pro 6300 SFF CPU = Intel Core i7-3770 Installed Memory 16 GB I have some 10K SAS drives installed for the VM's If you have not already, navigate to  Get Ubuntu Server | Download | Ubuntu and download the 22.04.2 LTS ISO Next Lets create our VM that we are going to run this in. *Note Im using ESXi however you can probably do this in Workstation, Fusion, VirtualBox etc The main things to note on the VM creation. Set Ubuntu 64 bit as the guest OS Set your CPU relevant to the physicals CPU, I will be starting with 4 VCPU Set your Memory to as much as you can tolerate, I will be using 12 Disk Space - we are creating a 100G swap file, and the rest of the file can take up some room , so more is better if you can afford it Dont forget to add the U

Horizon View 2-factor Authentication for Free! with Google Authenticator or others

Image
So after quite a bit of work on my proof of concept google authenticator server, a colleague pointed out that LinOPT has already created this, along a whole slew of other options. So after spending a couple of nights reading and testing I figured id post a simple walk-through to get this up and running in your environment. As mentioned in the title this is a Free solution , however if you are wanting to scale this in a large organization you would most likely want to explore their support contracts , this is a good fall back when things just don't work and this also help the developers keep this type of software free for the rest of us. To start off we want to create 2 objects in Active Director. The first is just a standard user account LinOTP will use to connect to your domain. You can put these any where in your domain as we will access them directly later. In my case i create one called 'LinOTP Svc' and put it in the default Users OU. Next create a Global or

VMware View 2-factor authentication with Google Authenticator - Part Four

Image
Adding View to the Mix. Now that we have (almost) everything setup on the Linux server side, we just need to finish the view configuration and the client portion. Open up the View administrator, navigate to View Configuration > servers. Select the Connection Servers tab Select your Server and click the Edit button. in the "Edit Connection Server Settings" pop up window, change 2-Factor authentication to RADIUS Check enforce 2-factor and windows user name matching On Select Authenticator Select New. Update the fields with your information. We are now down with the View Configuration. download and install the google authenticator app for your device: https://support.google.com/accounts/answer/1066447?hl=en Now we sill set up the user to authenticate. Open up a putty session to your ubuntu server. type su someADusername you should now be logged in as that users run gauth, this will generate the QR code to scann from the install app on your

VMware View 2-factor authentication with Google Authenticator - Part Three

Image
Installing Google Authenticator pbis-open and freeradius Now that we have the VM and Ubuntu installed, we now need to install our packages. First make sure you have a DNS record for the server in active directory, as we are going to need it. This must be done first! Also create a AD security group named: GG_S_GOOGLE_AUTH_DISABLED Once done, go back to your console and run the following: sudo su enter your password apt-get update apt-get dist-upgrade say Y when prompted apt-get install ntp say Y when prompted apt-get install ntpdate should not prompt ntpdate pool.ntp.org Now we are going to install pbis-open for our connection to Active Directory wget -O - http://repo.pbis.beyondtrust.com/yum/RPM-GPG-KEY-pbis|sudo apt-key add -  wget -O /etc/apt/sources.list.d/pbiso.list http://repo.pbis.beyondtrust.com/apt/pbiso.list  apt-get update apt-get install pbis-open say Y when prompted Once that completes we can Join our Ubuntu server to the domain. domainjoin

VMware View 2-factor authentication with Google Authenticator - Part Two

Image
Installing Ubuntu 16.04 Now that the VM is powered on and you in the console window select English, then Install Ubuntu server. (some times it appears that its frozen, this is just the client having issues re-drawing, close and reopen the console and your good to go) Basic stuff here, choose English again Select your country don't detect keyboard layout (unless you have a non qwerty keyboard) Finish selecting your keyboard layouts. And wait for some stuff to load You will be prompted to give your server a host name. Put in the FQDN you plan to use. create a user, this is a local user so nothing fancy, and a password: For the purpose of this demo I have chosen not to encrypt my home directory. Select your time zone if the one that comes up is not correct. Unless you know what your doing just use the defaults for setting up the disk. Write your changes to the disk Select Continue And then Confirm. Bunch of stuff will install. You will be prom

VMware View 2-factor authentication with Google Authenticator - Part One

Image
Ok so I though this was going to be a simple step by step process. Considering there is already a published document out there on this.  However come to find out not only is this completely out dated, but half the stuff is wrong, Not only is this doc wrong in so many parts, but searching documentation on the internet is wrong as well. However after several days of testing, and looking up error codes, and then re-testing and chasing rabbits down holes that led me no where I finally got this up and running, and I'm able to consistently reproduce the results. I'm going to walk you step by step how to set this up for a single connection server for dual factor authentication. Part 1 : Get Ubuntu 16.04 and install it! Go over and grab the 16.04 LTS ISO  from ubuntu.com  (64 bit) Download it, put it on a Share in your vSphere environment so you can build a new VM. Once that is done lest build the VM. Always choose custom Give it a Name I d