The @UniOslo@twitter.com now imposing a two-factor authentication without asking for any feedback from the scientific community. We now need to have our phone to validate the login with ssh for instance! Every freaking time... It is very annoying IMO. Also imposed on email, calendars, etc.
Any other universities you know imposing this?
@AMathelier We have 2FA on our SSH, but periodic not every time which would make it near unusable. I often have multiple ssh/scp/rsync sessions at once, plus a GUI file browser when possible.
@pjacock @AMathelier we have 2FA for every single SSH login as well. Does make everything much more painful! I’ve gotten used to doing everything in a screen session so I don’t have to log in again.
@rbeagrie @pjacock @AMathelier One of my PDs suggested using an "ssh master" connection, which at least means you only have to do the 2FA once, and every subsequent rsync/sftp/scp connection goes through the master. See e.g. https://oooops.dev/2021/01/31/ssh-multiplexing-and-master-mode/
@bensb @rbeagrie @AMathelier That does sound like a reasonable workaround to explore, but I would still keep pushing back at the institute policy. One SSH 2FA check per day per device/network ought to be enough, surely?
@pjacock @rbeagrie @AMathelier There was no debate or request for comment here, just "this is it now". The reason given was "hacking attempts by foreign agents during covid vaccine development". Can't push back against that very easily 😅
@bensb @pjacock @AMathelier ooh this is a great tip. Especially if there’s a way to convince FileZilla (or equivalent) to use the already established master connection…
@rbeagrie @pjacock i use screen as well but it's still a pain for every ssh connection in the terminal and the file browser.