Forum / NoMachine Terminal Server Products / MFA in Web GUI for first login possible?
- This topic has 5 replies, 2 voices, and was last updated 6 months ago by Britgirl.
-
AuthorPosts
-
March 5, 2024 at 13:54 #47275mwdbParticipant
Hi,
in the past we used a remote access solution in which it was possible for the user to create a 2fa code with the first login within the webgui. And it was also possible to reset the 2fa within the GUI.Now we are trying to implement 2factor in NoMachine and it looks like we have to create 2fa first (we use google auth and with that the user has to login to the terminal to create the 2fa) and then we can login with password and 2fa in NoMachine.
This is not really practical for remote-only users.
Does anyone know a solution to this problem?
Thanks in advance.
March 11, 2024 at 15:29 #47326BritgirlKeymasterIn NoMachine, MFA relies on the MFA already configured in the system and it cannot be configured directly in the NoMachine GUI.
You submitted this topic in Terminal Server products, so that means you are using Linux (if you have a subscription please consider submitting a support enquiry in your customer area). I’m not sure whether you already followed the instructions in the article about 2FA here: https://kb.nomachine.com/AR12L00828 (see section 3.2. Example 2: use Google Authenticator and also Example 4). There’s something not clear in what you wrote. The correct steps for the end user should be:
1) start the nomachine connection
2) input your username and password
3) input the Authentication code (from the google authenticator on the mobile app)Is this what your users are seeing?
March 11, 2024 at 15:53 #47327mwdbParticipantsorry if I have expressed myself unambiguously. Yes, we use Linux. MFA in Linux and NoMachine works.
To pick up on your sequence, I see it like this (at least for the first login)Open port 22 for ssh connection
Force mfa creation on first login
login with ssh and create a mfa
logout
than for compliance reason disable port 22than…
1) start the nomachine connection
2) input your username and password
3) input the Authentication code (from the google authenticator on the mobile app)
i attach a picture from [edited]… that can handle mfa creation in gui…
Attachments:
March 11, 2024 at 17:42 #47334BritgirlKeymasterThanks for clarifying, so everything is working correctly.
In version 9 we will be including our own built-in 2FA option in the GUI. This might be of interest to you. To use it, users will require a NoMachine account and the NoMachine app installed in order to receive push notifications, and being logged in to new NoMachine Network service within the app. NoMachine 2FA can be used to protect your NoMachine/Network account logins as well as for approving incoming connections. As I said, it will be released in version and will be available in all products.
March 12, 2024 at 06:50 #47343mwdbParticipantHello, I’m glad to hear that.
Is there already an approximate release date or when the first beta might be available for testing?
Many thanksMatthias
May 8, 2024 at 09:56 #48068BritgirlKeymasterDevelopment is in its final stages. We don’t have an official date for the release yet, but we are working hard to make it available by this summer.
-
AuthorPosts
This topic was marked as solved, you can't post.