Two-Factor Authentication for accessing Linode Manager front end

Hi

I went through the page -> https://www.linode.com/docs/security/linode-manager-security-controls about Linode Manager Security Controls.

Does Linode offer 'Two-Factor Authentication' like Godaddy does, just log in using the password and for the second authentication put in the code they texted. This is so easy when compared to the ones outlined on the above page.

Would Linode consider this?

Thanks

6 Replies

I am not sure what you might be asking because Linode's two-factor works almost identically to GoDaddy's. Enable, write down some access codes, and you are set.

I am not sure that GoDaddy offers this for hosting/ssh, which may be what you are asking? If so, Linode does not offer this but it's easy enough to implement. https://duo.com/docs/duounix

@BritWeb:

Hi

I went through the page -> https://www.linode.com/docs/security/linode-manager-security-controls about Linode Manager Security Controls.

Does Linode offer 'Two-Factor Authentication' like Godaddy does, just log in using the password and for the second authentication put in the code they texted. This is so easy when compared to the ones outlined on the above page.

Would Linode consider this?

Thanks

I doubt it, because it adds complexity, and for certain real classes of people, reduces security. There are several instances where people's accounts on other websites have been compromised by an attacker by tricking the user's phone provider into activating a new device on the phone number so the attacker could get the SMS-based 2FA code. Forgive the expression, but if you're the average nobody, then SMS-based 2FA is probably fine, because you're unlikely to have anything valuable enough for an attacker to go through the effort of hijacking your phone number to get into your account, but there are many people that do have valuable things on their accounts, some of whom may not realize it or understand the risks SMS-based 2FA poses. And then there's the complexity and support burden of dealing with an SMS-based 2FA solution. Linode would need to locate a provider capable of international SMS, as I would say nearly, if not more than, half of Linode's customers reside outside of country code 1 (AKA the US/Canada), and then there'd still be spontaneous issues all the time of failing to deliver the code, and users being locked out of their accounts as a result.

If you're concerned about losing the ability to generate codes because you've lost your device or wiped it, you have a couple different options. You can use an app that backs up the keys used for generation (I know of Authy, there may be others), or you can purchase a hardware token such as the Yubikey NEO or Yubikey 4 to hold the keys, which then interacts with an app to generate the code. Yubico has software for OS X and Windows (they may also have Linux apps, I haven't looked) that'll interact with either the NEO or 4, and they also have an Android app for using the NEO with your mobile device (the mobile app works with the device via NFC, which the NEO has but the 4 does not; this app does not work with Apple devices yet, as Apple has not yet opened up their NFC APIs).
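An added example, not part of the thread: a sketch of why backing up the generation key restores your codes and why no SMS delivery is involved. It assumes the authenticator apps mentioned above implement TOTP (RFC 6238), which the thread does not state; the function names are hypothetical and the key is the public RFC 6238 test key, not a real secret.

```python
import base64
import hashlib
import hmac
import struct

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(key: bytes, unix_time: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: the counter is the number of 30-second steps since the epoch."""
    return hotp(key, int(unix_time) // step, digits)

def verify(key: bytes, submitted: str, unix_time: float,
           step: int = 30, window: int = 1) -> bool:
    """Server side: accept codes from adjacent steps to tolerate clock drift."""
    counter = int(unix_time) // step
    ok = False
    for drift in range(-window, window + 1):
        if counter + drift < 0:
            continue
        # Constant-time comparison; keep looping so timing does not leak the step.
        ok |= hmac.compare_digest(hotp(key, counter + drift), submitted)
    return ok

def key_from_backup(b32_text: str) -> bytes:
    """Decode the base32 key string that a backup or enrollment QR code carries."""
    return base64.b32decode(b32_text.replace(" ", "").upper())

# Constructed sample data: RFC 6238 test key and its base32 backup form.
SAMPLE_KEY = b"12345678901234567890"
SAMPLE_BACKUP = base64.b32encode(SAMPLE_KEY).decode()

if __name__ == "__main__":
    now = 59  # fixed timestamp from the RFC test vectors
    original_device = totp(SAMPLE_KEY, now)
    restored_device = totp(key_from_backup(SAMPLE_BACKUP), now)
    print(original_device, restored_device, verify(SAMPLE_KEY, restored_device, now))
```

Anyone holding the key can produce valid codes, so a backup of it needs the same protection as the account password.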

Guys, thanks for the input.

I use Two-Factor Authentication for accessing my domain managing area at Godaddy and don't have any site hosted with them. Just wondered if Linode does the same.

I had a look at Duo Unix - Two-Factor Authentication, but it isn't as straightforward as Godaddy's.

Thanks, once again!

Yes, the Linode Manager supports 2FA. This can be enabled from the "my profile" section of the Manager. For any additional security for an SSH connection to your server, you can set this up on your own. I would recommend just using key-based authentication from your devices along with LISH on our Linode Manager.

Brilliant! Thanks, mkorsak
