Setup Two Factor Webmin

Updated with version changes: 25OCT2015

Two factor security is becoming a standard for access and authentication. If you think you don’t need it then navigate to System option from WebMin sidebar. Select ‘View’ to check contents  from ‘ /var/log/secure’. If you are lucky you will not see any brute-force or invalid login attempts. If you can see it then you know that you need this guide.

To setup two factor, first you will need to install some authentication app which will display a one time password for your logins. There are many apps like Google Authenticator, Authy two factor, ESET secure, SAASPASS, Duo mobile etc. You can download as per preference and your phone. Only problem is WebMin by default comes with Google and Authy as provider. You need to install the packages if you want to use other provider. I will be using Google authenticator.

Setup Two Factor Webmin

So let’s get secured.

Login to your WebMin panel and then navigate to WebMin-> WebMin Configuration from sidebar options.

Enable Webmin Two Factor
Enable Webmin Two Factor

Then click on ‘Two-factor Authentication’ option. This is the master option to start second factor for complete server. Each user needs to complete the enrollment separately from WebMin or the admin user can perform for all.

Choose your authentication provider from the list and hit Save.

Selecting Google as Provider for authentication
Select provider – Here Google

Remember that, Admin or Root user is needed to Start the service as above. User can enroll themselves on their own.

Now, we need to enroll the logged user. Select ‘Webmin Users’ from Webmin option in sidebar. Select ‘Two-factor authentication’ from the shown options.

Select Two Factor for webmin user
Select Two Factor for logged user

You can either use randomly generated key or put your own key for creating token.

Select ‘Generated randomly’ and click on Enable option. You will be given a secret key code and a QR code as shown,

Webmin Two Factor QR code
Scan this QR Code or enter Key in App

Fire up your authentication app and scan the QR code, else you can also put the key manually. As soon as this is done, the app on your phone will start to show a six-digit code. Also, in Webmin you will see that selected username has an ‘Asterisk’ on it.

Note: If you can’t see QR code, then you might need to install phpgd, and mcrypt packages on your server.

To confirm that it is working, you will need to logout and then login. You will see that on login screen there is third fill box is available. Just go ahead and try it by entering your Login name, Password and third key which you will get from App.

Two Factor Enabled Webmin Login
Two Factor Enabled Webmin Login

Let me know your troubles, queries and thoughts via comments. 🙂

By Mrinal Buddekar

Data Manager and a technology enthusiast! Mrinal Buddekar is Pune based blogger who loves building server, websites, technology, and affiliate blogging.

Hey there!

Help us reach out to awesome people lie you out there. We publish Tech and WordPress, Deals, and Reviews. WE DON'T SPAM!

Your Information will never be shared with any third party