Enforce 2fa on user login

Overview: This article provides an overview of Two-Factor Authentication (2FA) implementation options: enforcing 2FA globally for SSH and web interfaces, and selectively for user groups, along with configuration instructions and method setup details.

You have two options for implementing Two-Factor Authentication (2FA) for user logins:

1. Enable 2FA for all users globally.

2. Implement Two-Factor Authentication (2FA) for designated user groups as per their specific requirements and access levels.

1. Enable 2FA for all users globally.

Enable the force 2fa to enforce Two-Factor Authentication (2FA) for both Ezeelogin backend (ezsh) and the web interface, requiring all users to use 2FA globally for added security.

Step 1(A): Under Settings -> General -> Two-factor authentication -> enable force 2fa.

2. Implement Two-Factor Authentication (2FA) for designated user groups

It is possible to activate mandatory Two-Factor Authentication (2FA) selectively for specific user groups based on particular requirements.

Step 2(A): Under Users -> User Groups -> Select the user group -> enable force 2fa -> save

It is possible to enable the different 2-factor mechanisms that will be available for the gateway user to setup. 

Relogin, into the Ezeelogin GUI, and the user will be prompted to set up the 2-factor method if he hasn't set up any. Set up any 2fa method of your choice from here.

To configure additional Two-Factor Authentication (2FA) methods, log in to the WebGUI and navigate to the accounts tab to set up multiple 2FA options..

We have set up Google 2fa and Access Keyword successfully and will be prompted for it. In the example below, we are using Google 2fa to log in, and hence the same would be prompted in the backend shell as well.

The Ezeelogin backend would look as follows.

Related Articles:

Configure Duo 2fa in JumpServer

Configure Yubikey 2fa in the JumpServer

How to enable Access Keyword 2fa 

How to enable Google 2fa in JumpServer

How to configure Radius 2fa in JumpServer