Tag: ubuntu

Ubuntu – Add Google 2FA for SSH

Posted on September 18, 2020 by Dexter

The Setup

Host: Ubuntu 18.04 “Bionic Beaver” release
Software: Google Chrome

Original article found on linuxbabe

Super handy, and secure way to ssh into your Linux Box at home. This uses the Android Google Authenticator for the QR code, generated right in the SSH window. And you get the added bonus of 6 one-time use codes to use.

To start, SSH into your Unbuntu computer as root.

$ sudo apt install libpam-google-authenticator

Then run the google-authenticator command to create a new secret key in your home directory.

$ google-authenticator

When asked:

Do you want Authentications to be time-based (y/n)

Answer Y!

The QR code should display in the SSH window, ideally you want to scan this into your Google Authenticator. Other sources point out that FreeOTP (developed by RedHat can serve the same purpose)

.

once scanned into your mobile Google Authenticator, you it should show as a new entry.

Configure SSH daemon to use google authenticator

$ sudo nano /etc/ssh/sshd_config

Add in:

UsePAM yes
ChallengeResponseAuthentication yes

Save file

$ sudo systemctl restart ssh
$ sudo nano /etc/pam.d/sshd

Add the lines

@include common-auth
Auth required pam_google_authenticator.so

Save the file!

Now anytime you connect to your SSH terminal to this server, you’ll receive the 2FA push

[ivory-search 404 "The search form 3350 does not exist"]

Ubuntu Chrome Remote Desktop configuration

Posted on September 18, 2020 by Dexter

The Setup

Host: Ubuntu 18.04 “Bionic Beaver” release
Software: Google Chrome

I thought this was weird: I couldn’t actually download the Chrome browser. Couldn’t do it from firefox (the Ubuntu default), or chromium (the open-source O.G Chrome package). I thought that was sort of weird. Like Ubuntu linux didn’t support it or something. This means it’s simply not available in the Ubuntu software repository.

There are lots of guides of “how to install chrome” onto Ubuntu. I’ve compiled that here, as well as how to install and configure Chrome Remote Desktop.

  1. Install Google Chrome From SSH shell: 
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
  1. Once installed, own the CHROME browser directly to https://remotedesktop.google.com. This will add the Chrome Remote Desktop Extension directly to Chrome for you.
  2. Install the Extension
  3. When asked, choose a PIN for your desktop

This is the part of the blog where you think everything works. Not in this case. I kept getting this error:

I thought, maybe it’s because I didn’t add myself to the chrome remote desktop users group.

$ sudo usermod -a -G chrome-remote-desktop my_user_name

At this point, I decided to reboot for good measure.

After reboot, the Chrome Remote desktop was now in the applications

Although I still couldn’t connect from another host, still times out. Kept giving me errors that the startdaemon wasn’t starting properly.

With some help from monkey patching, I eventually got it working. Here’s the steps broken down:

  1. Stop Chrome Remote Desktop 
$ /opt/google/chrome-remote-desktop/chrome-remote-desktop --stop
  1. Backup the original configuration 
$ sudo cp /opt/google/chrome-remote-desktop/chrome-remote-desktop /opt/google/chrome-remote-desktop/chrome-remote-desktop.orig
  1. Edit the config file with nano (or whatever editor you prefer) 
$ nano /opt/google/chrome-remote-desktop/chrome-remote-desktop
  1. Find DEFAULT_SIZES and amend to the remote desktop resolution. For Example: 
DEFAULT_SIZES = "1920x1080"

In my case, I set it to “1920×1200,3840×2400” since the desktop had dual-monitors.

Set the X display number to the current display number (obtain it with echo $DISPLAY from any terminal). On Ubuntu 17.10 and lower, this is usually 0, and on Ubuntu 18.04, this is usually 1:

FIRST_X_DISPLAY_NUMBER = 1

Change it to “20”.

FIRST_X_DISPLAY_NUMBER = 20.

In my case, it happened to be 1.

Comment out sections that look for additional displays:

#while os.path.exists(X_LOCK_FILE_TEMPLATE % display):
<p><code># display += 1

Reuse the existing X session instead of launching a new one. Alter launch_session() by commenting out launch_x_server() and launch_x_session() and instead setting the display environment variable, so that the function definition ultimately looks like the following:

def launch_session(self, x_args):
self._init_child_env()
self._setup_pulseaudio()
self._setup_gnubby()
#self._launch_x_server(x_args)
#self._launch_x_session()
display = self.get_unused_display_number()
self.child_env[“DISPLAY”] = “:%d” % display

Save and exit the editor. Start Chrome Remote Desktop:

Sudo /opt/google/chrome-remote-desktop/chrome-remote-desktop --start

On a VM, this seems to fail. BUT on a physical box, i’m connected to it even as I write this without any issues.

Just have to get used to picking what session you want, Xsession, and I think the other was was regular ‘ubuntu’ session or something. Has to do with the different environments, one environment is strictly for when you’re sitting physically in front of the computer, the other is the remote session stuff over things like VNC.

Remoting in from external shows this on first boot up:

Once you select the session, that’s the same session you connect in with every time.

I’ve been using the 2nd option – “Ubuntu”

Breakdown of each option:

(default) – launch the default Xsession. This looks the same as “ubuntu” session. All the windows look the same, and the same settings seem to apply.

Ubuntu – I use this most often, looks like VNC ties to this instance too. Actually, I think the above selection (default) is just whatever you pick between ‘ubuntu’ session and ‘unity’ session.

Unity – looks like a completely different OS. The icons are different, the experience, everything. This appears to be a graphical interface of sorts, sort of like the flavors of KDE or GNOME.

There you have it, you now have a functioning Chrome Remote Desktop to your Ubuntu Box.

[ivory-search 404 "The search form 3350 does not exist"]