Closed ellen-mindshift closed 7 months ago
The thing that keeps it in sync is accurate time. The only way for it to fall out of sync is for the clock on your server or your mobile device to be inaccurate. So I’d start with that.
If you expect time sync to be a problem, you could switch to counter based OTP (HOTP). Google authenticator supports that too.
Thanks everybody. Issue resolved. I just switch to counter based OTP, that's enough.
System information
Operating system : Ubuntu 18.04 Do you use selinux? : No
Steps to reproduce
What I expected would happen
SSH Connection with google authenticator app
What actually happened
It works fine. But it seems like things go out of sync every few months.
For example, I set up each Authenticator on two servers.
One server has been working well for nearly 3 years now, but the other server loses connection every once in a while (as short as 3 months, as long as 6 months), so I mount the volume on another server, access it indirectly, sync again, and then fix it. The server specifications and environment are set the same, but in this case, I have no idea which part of the setting I need to adjust. How should I fix it?
Is there any suggestions / solutions for someone like me ?
Thanks.
PAM config
Paste the relevant parts of your PAM config
If SSH: SSH config
Paste the relevant parts of
/etc/ssh/sshd_config
or equivalent.If not SSH: That program's config, and logs
Contents of
/var/log/auth.log
or equivalent