Hardened Bastion with MFA on Docker

Project to build secured and hardened Bastion Docker image

Usage

Environment setup

Google Authenticator is a free & open source MFA solution - to enable it as MFA provider:

export MFA_PROVIDER=google-authenticator

Quick start

Here's how you can quickly run the bastion. Assuming you have ~/.ssh/authorized_keys properly configured and your SSH key (e.g. ~/.ssh/id_rsa) added to your SSH agent.

$ docker run -it -p 1234:22 \
     -e MFA_PROVIDER=google-authenticator \
     -v ~/.ssh/authorized_keys:/root/.ssh/authorized_keys
     OlegGorJ/bastion-image:latest

In another terminal you should be able to run:

$ ssh root@localhost -p 1234

The first time you connect, you'll be asked to setup your MFA device, then, each next time you connect, you'll be prompted to enter your MFA token.

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
patches/openssh		patches/openssh
rootfs		rootfs
.travis.yml		.travis.yml
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
init		init

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Hardened Bastion with MFA on Docker

Usage

Environment setup

Quick start

About

Releases 1

Packages

Contributors 2

Languages

License

OlegGorj/bastion-image

Folders and files

Latest commit

History

Repository files navigation

Hardened Bastion with MFA on Docker

Usage

Environment setup

Quick start

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Contributors 2

Languages

Packages