Automate Google 2FA authentication from bash script for copying files with rsync

by Sijo M Cyril   Last Updated August 14, 2019 05:00 AM - source

An automated bash script to generate OTP (verification codes) from Google's 2FA secret key and generated OTP (verification codes) should use for transfer data from one Ubuntu server to another 2FA enabled Ubuntu server

I use rsync command to transfer files from my Jenkins server to production server. Production server is enabled with 2FA. I need to automate this process without using any other resources like AWS S3.

Can anyone help me to solve this?

Thanks



Answers 1


We can use sshpass and oathtool together for copying files to 2FA enabled servers. So we can remove nullok from server and tighten up server against brute force attack.

Prerequisites:

Source / Jenkins server:

  1. sudo apt install sshpass
  2. sudo apt install oathtool

Destination server:

  1. create a SSH key and 2FA authentication file in user's home.

Jenkins server:

Following is the example of copying files from Jenkins to 2FA enabled server:

sshpass -p `oathtool -b  --totp 'xxxxxxxxxxxxx'` rsync -aruvhze 'ssh -i /var/lib/jenkins/ssh_key.txt -o StrictHostKeyChecking=no' --progress /var/lib/jenkins/workspace/build/* [email protected]:/opt/build/
  • 2FA secret key xxxxxxxxxxxxx
  • SSH key file /var/lib/jenkins/ssh_key.txt
  • Source folder: /var/lib/jenkins/workspace/build/*
  • Destination server user: scp_user
  • Destination server: 10.10.10.46
  • Destination: /opt/build/
Sijo M Cyril
Sijo M Cyril
August 14, 2019 04:36 AM

Related Questions


Restart all Jenkins Nodes

Updated February 23, 2018 17:00 PM

Per-job environments in Jenkins with virtualenv

Updated February 16, 2018 23:00 PM


bash rsync is Killed by signal 2

Updated July 16, 2015 16:00 PM

Trying to script rsync using pam_exec

Updated November 10, 2015 06:00 AM