cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Is there a way to use two-factor authentication for SmartConsole and Gaia Web portal/SSH console?

Is there a way to use two-factor authentication for SmartDashboard and Gaia Web portal/SSH console? 

Some combination like cert+username/password or with Radius supporting OTP (One time passwords).

We have audit recommendations that all devices that manage access to PCI DSS network segments should have two-factor authentication.

Thanks

3 Replies
Admin
Admin

Re: Is there a way to use two-factor authentication for SmartConsole and Gaia Web portal/SSH console?

You can authenticate to SmartConsole with a certificate:

You can also define certificates for users as well (if both password and certificate are defined, both credentials are required to log in):

For the WebUI on Gaia OS, certificates cannot be used, but you can use a RADIUS/TACACS+ server that requires a one-time password for authentication.

Note that RADIUS/TACACS+ is also supported for SmartConsole authentication as well.

Re: Is there a way to use two-factor authentication for SmartConsole and Gaia Web portal/SSH console?

Thank you Dameon!

I am aware of using certificates and password, but during my tests I was able to login only with one of the methods - password or certificate, no both of them.

Will try to build a test setup with RADIUS and OTP also. I am wondering is there a feature to display field for entering the OTP. 

0 Kudos
Admin
Admin

Re: Is there a way to use two-factor authentication for SmartConsole and Gaia Web portal/SSH console?

There is only one field for entering a password, unfortunately.

If you want BOTH an OTP and a regular password, you may be able to set that up on the RADIUS server (similar to how SecurID does it). 

0 Kudos