Configuring Ubuntu SSH server to use HashiCorp Vault OTP
This post demonstrates how to configure Vault and an SSH server to use OTP for logins to the SSH server. The following diagram depicts the process.

After we have initialized and unsealed our Vault server, we need to enable the SSH secrets engine with the following command:

    vault secrets enable ssh

Write a role to the Vault SSH secrets engine. For test purposes we will allow all IPs:

    vault write ssh/roles/admin key_type=otp default_user=vaultuser cidr_list=0.0.0.0/0,0.0.0.0/0

Now we need to configure login to…
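The test role above sets cidr_list to 0.0.0.0/0, which makes it valid for every address. As an added example (not part of the original post), the following Python check audits a role's cidr_list before the role is reused outside a test setup. The JSON shape (assumed to match `vault read -format=json ssh/roles/admin`), the sample data and the 256-address limit are assumptions.

```python
import ipaddress
import json

# Constructed sample: role data in the shape assumed for
# `vault read -format=json ssh/roles/admin` (values taken from the post).
SAMPLE_ROLE_JSON = """
{"data": {"key_type": "otp", "default_user": "vaultuser",
          "cidr_list": "0.0.0.0/0,0.0.0.0/0", "port": 22}}
"""

MAX_HOSTS = 256  # hypothetical policy: no single CIDR block wider than a /24


def audit_otp_role(role_json, max_hosts=MAX_HOSTS):
    """Return a list of findings for an SSH OTP role's cidr_list."""
    data = json.loads(role_json).get("data", {})
    if data.get("key_type") != "otp":
        return ["not an OTP role; nothing checked"]
    findings = []
    raw = data.get("cidr_list") or ""
    # Accept either a comma-separated string or a JSON list.
    entries = raw if isinstance(raw, list) else raw.split(",")
    entries = [e.strip() for e in entries if e.strip()]
    if not entries:
        findings.append("cidr_list is empty")
    seen = set()
    for entry in entries:
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            findings.append(f"{entry}: not a valid CIDR block")
            continue
        if net in seen:
            findings.append(f"{entry}: duplicate entry")
            continue
        seen.add(net)
        if net.prefixlen == 0:
            findings.append(f"{entry}: matches every address")
        elif net.num_addresses > max_hosts:
            findings.append(
                f"{entry}: {net.num_addresses} addresses exceeds limit of {max_hosts}")
    return findings


if __name__ == "__main__":
    for finding in audit_otp_role(SAMPLE_ROLE_JSON):
        print(finding)
```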