Two-Factor setup

From SciNet Users Documentation
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

How to setup your Two-Factor authentication.

Before starting, download and install the 'Google Authenticator' app in your smartphone or tablet (iOS, Android, Blackberry, Windows Phone)

After you have successfully logged into Niagara, either using password or keys, type this command in the command line: 

$ autenticator_setup

Your terminal screen will clear and display this message: 

****************************************************************

You have about to setup your Two-factor authentication.

Please download and install the 'Google Authenticator' app in your
smartphone or tablet (iOS, Android, Blackberry, Windows Phone),
then press 'Enter' to continue or Ctrl-C to exit without setup.

****************************************************************

Press <enter> to continue. You will get this next message. Read it carefully: 

****************************************************************

Google Authenticator is going to generate your new secret key.

A lot of output will scroll past, including a large QR code.

At this point, use your authenticator app on your phone to scan
the QR code OR manually type in the secret key. If the QR code
is too big to scan, you can use the URL above the QR code to get
a smaller version. Once it's added, you'll see a six digit code
that changes every 60 seconds in your app.

If the QR code is too big to see it completely, you may reduce the
font size of your terminal window and enlarging the window again.

Press 'Enter' to continue or Ctrl-C to exit without setup.

****************************************************************

Press <enter> to continue. You will get this next message. Read it carefully: 


Warning: pasting the following URL into your browser exposes the OTP secret to Google:
https://www.google.com/chart?chs=200x200&chld=M  |0&cht=qr&chl=otpauth://totp/mts@nia-login07.scinet.local%3Fsecret%3DVCFN4IAS4Z6OYPHHOUQBHFO37A%26issuer%3Dnia-login07.scinet.local
                                                 
  █▀▀▀▀▀█ █ █▀▄▀█▄ █▀ █ ▀█▄ ▀  ▀▀██  ▄▀ █▀▀▀▀▀█  
  █ ███ █ ▀█▀▄  ▄▀█▄█▄ █▀▄▀ ▀ ▄▄▀███ █▄ █ ███ █  
  █ ▀▀▀ █ ▀  ▀▀ ████▄ █▀▀▀█▀ █▄▄▀█▄ ▀▀▀ █ ▀▀▀ █  
  ▀▀▀▀▀▀▀ ▀▄▀ █ █▄█▄█▄█ ▀ █ ▀ █▄█ █▄█▄▀ ▀▀▀▀▀▀▀  
  ▀ ▄██▀▀█▀█▀▄▀██▄█▄█▄▀█▀▀███ █▄█ ▄ ▄▄██▄▄█ ██▀  
     ▀▄ ▀██▄▀▄▀ █  ██▄███▄ ▄▄█▄▄██▄█▀▄▄█ ▄  ▄██  
  ▀▄█▀█ ▀█▀█▄██ █▄ █▀▀ ▀    ██▀▄▄ ▀▄ █▄ █ ██▄▄   
  █▄▀▀██▀  ▀▄▄ █▄▀▄████ ████▄█▀▄ ▄▀█▄▄▀▄█▄▄▄█▄▄  
  ▄▀▄▄  ▀▄██▄▀█▀▀  ▄███▄  ▄█▀▄  ▄▀▀███▄▄ ▄▄ ▀▄   
  ▀▄██▄▄▀ ▀█ ▄█▀█▄█▄  █▄  ▀█▄███▄▄▀▄▀▀ ██▀▄▀▄▄█  
  ▀█▀██▀▀▀█▄▄█▀ ▄▀▄▀▀ █▀▀▀█ ▄▄███ ▄▄█▄█▀▀▀██▄█   
  █▄▄▀█ ▀ ██ ▄ █   ▄ ▄█ ▀ █▀█ ▄█▄▀ ▄▀▄█ ▀ █▀█▀█  
   █▀ █▀▀▀▀▄▄▀█▀▄▀█ ▄▀▀▀█▀█ █▄█ █▄▀▄  █▀▀█▀ ▄▄   
  ██ ▀ ▄▀█ ██  ▄▄█ ██▀█▄▀▄▄█▀▀█ ▄█  ▄▀▀  █ █▄▄▄  
  ▄▄ █▀▀▀ ▀▄▀██▀▄▄▀  ▀  ▄ ▀▀  ▀ █ ▀▄██ ▀▀▄█▀▄▀▄  
  ▀ ▄██▄▀██ ▀▄▄█▄▄ ▄ █▄█  █ ▄▄▄█   █ █▀▄▀ ▀█▄ ▀  
  █▀██  ▀█▀  ▀▀██▀▀█▄█▄ ▀▀█▄▄▄███▄ ▀█▄▀ ▄▀▄▀█▄▄  
   ▄▄▄█ ▀█▄  ██ ███▀▄   ▀▄▄█▄▀▀▄▄▀▄▄█ ▄ █▄████▀  
  ▀  ▀▀ ▀▀█  ▄▄█▄  ▄▄▀█▀▀▀█▀  █▄▄▄▀▀▀▀█▀▀▀█ ▄█▀  
  █▀▀▀▀▀█ █▀▄ ▄ ▀███ ██ ▀ █▀▄█▀█▄ ██▄ █ ▀ █▄██   
  █ ███ █ █ ▀█▄  ▄▄ █▄██▀█▀▀▀ ▄▀▄███▄▄▀▀▀███ ▀█  
  █ ▀▀▀ █  ▀▄▄█▄▄  ▀▀█ █▀▀█▀▄ ▀█ █▀▀ ▄▀█▄ ▀▄█▄█  
  ▀▀▀▀▀▀▀ ▀     ▀ ▀▀     ▀▀ ▀▀▀ ▀   ▀ ▀ ▀ ▀      
                                                 
Your new secret key is: VCFN4IAS4Z6OYPHHOUQBHFO37A
Your verification code is 900480
Your emergency scratch codes are:
  22000145
  31163391
  78565881
  89503548
  88588782
  45712462
  67599332
****************************************************************

Make sure you record the secret key, verification code, and the
emergency scratch codes in a safe place.

Keep your scratch codes in the good old fashion way: in a piece of paper
in your wallet. Do not keep them in your phone or your computer

The scratch codes are used when you cannot generate a new One-Time Code.
For example, if you have lost your phone. A scratch code will give you access
to the system while you recover your phone; scratch codes can be used only once.

Please login again. You will be prompted for the One-Time Code
after you sucessfully authenticate.

Press 'Enter' to continue

You are all set!

You can now logout and login again. This time the system will ask for your One-Time Password. You just get it from your smartphone (or tablet).

You data is now safely protected.

Probably, the QR code will not fit your screen so you may not be able to scan it. The URL above, https://www.google.com/chart..., will show you a smaller version of the QR code in your browser. Please have in mind that pasting that URL into your browser exposes the OTP secret to Google.

Another way to make you QR code fit the screen is to reduce the font size of your terminal window; your window will shrink, but then you can maximize the window and most likely you will be able to scan the code.

Retrieved from "https://docs.scinet.utoronto.ca/index.php?title=Two-Factor_setup&oldid=2668"