View Attach (13) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
 Clipboard05.jpg 139.3 kB 1 29-Dec-2020 05:25 Ada Csaba
png
 Clipboard05.png 116.6 kB 1 29-Dec-2020 05:25 Ada Csaba
jpg
 IMG_2500.jpg 191.7 kB 1 08-Aug-2023 06:44 Sandor
jpg
 IMG_2501.jpg 464.9 kB 1 08-Aug-2023 06:45 Sandor
jpg
 IMG_2502.jpg 52.0 kB 1 08-Aug-2023 06:46 Sandor
png
 servercfg001.png 23.0 kB 5 01-Jul-2021 04:11 Sandor
png
 servercfg002.png 54.1 kB 4 06-Jul-2021 02:18 Sandor actualized v10
png
 servercfg002.png.png 54.1 kB 1 06-Jul-2021 02:12 Sandor actualized v10
png
 servercfg003.png 64.4 kB 4 06-Jul-2021 02:19 Sandor
png
 servercfg004.png 43.2 kB 4 06-Jul-2021 02:19 Sandor
png
 tokencfg001.png 101.9 kB 2 29-Dec-2020 05:25 Ada Csaba
png
 tokencfg002.png 96.2 kB 2 29-Dec-2020 05:25 Ada Csaba
png
 tokencfg003.png 37.4 kB 2 29-Dec-2020 05:25 Ada Csaba

This page (revision-44) was last changed on 08-Aug-2023 06:55 by Sandor

This page was created on 29-Dec-2020 05:25 by Ada Csaba

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed one line
In CrushFTP version 9 we can integrate our One Time Password (__[OTP|OTP Settings]__) based authentication feature with Google's software based token device __Google Authenticator__ , using Time based OTP (TOTP). The user can register a QR code into Google Authenticator.\\
In CrushFTP version 10 we can integrate our One Time Password (__[OTP|OTP Settings]__) based authentication feature with Google's software based token device __Google Authenticator__, using Time based OTP (TOTP). The user can register a QR code into Google Authenticator.\\
At line 29 added 32 lines
!!Possible scenarios regarding the cooperation of admin and the end-user:
Prerequisites:
-a working Google Authenticator app on a mobile device
-in the User Manager -> user -> Webinterface -> Available customizations section the "Enable two factor registration" is set to True. This can be enabled on the "default" template account or on the group template account so all other users will inherit the setting from the template user.
-on Preferences -> General Settings -> OTP section the "Validated Logins" option must be enabled (A on the first screenshot)
-for the 2nd option the user account has to be configured with an email address. Also, the server needs to have a working SMTP relay configured on Preferences -> General Settings -> SMTP section.
1. This is the easiest method for the admin.
The option of "Google Authenticator Auto Enable" on Preferences -> General Settings -> OTP section is enabled (B on the first screenshot).
In User Manager the "Two factor OTP/SMS authentication" option is disabled.
The end-user logs in with username and password, and initializing the "Setup of 2 factor auth" via the User Options button, scans the QR code, and hits the Confirm button.
In the background, CrushFTP writes the Two factor authentication Secret to the user account and takes care of enabling the "Two factor OTP/SMS authentication" option for the user.
2.
The option of "Google Authenticator Auto Enable" on Preferences -> General Settings -> OTP section is left in disabled state.
In User Manager the "Two factor OTP/SMS authentication" option is enabled by the admin.
The end-user enters its username and password on the login page. A popup will be prompted asking for the email-based token, then the user is allowed to log in and initialize the Setup of 2 factor auth via the User Options button. Next time won't get an email, and at the token popup enters the 6-digit code generated by Google Authenticator.
3.
The option of "Google Authenticator Auto Enable" on Preferences -> General Settings -> OTP section is left in disabled state.
In User Manager the user doesn't have the "Two factor OTP/SMS authentication" option enabled
The end-user logs in with username and password, and initializing the Setup of 2 factor auth via the User Optons button, scans the QR code, and hits the Confirm button.
In the background CrushFTP writes the Two factor authentication Secret to the user account, but the Admin needs to activate the "Two factor OTP/SMS authentication" option for the user.
__[DMZ|DMZ]__ - Main node scenario: on Preferences -> General Settings -> OTP section the "Validated Logins" option must be enabled on the DMZ node, so the DMZ gives the two-factor authentication to the Main node.
Version Date Modified Size Author Changes ... Change note
44 08-Aug-2023 06:55 4.955 kB Sandor to previous
43 08-Aug-2023 06:48 4.951 kB Sandor to previous | to last
42 08-Aug-2023 06:46 4.943 kB Sandor to previous | to last
41 08-Aug-2023 06:44 4.947 kB Sandor to previous | to last
« This page (revision-44) was last changed on 08-Aug-2023 06:55 by Sandor
G’day (anonymous guest)
CrushFTP10 | What's New

Referenced by
Enterprise License Enhancements
LeftMenu

JSPWiki