Hi All, I want to secure an openssh server with two factor authentication and have seen the hardware token methods, most recently i've been seeing yubi/FIDO methods.
Ideally I would like to avoid having to depend on a usb size device that could easily be lost. I looked around and found mention of google authenticator as an option, phones aren't much bigger than usb sticks but people protect their phone as if it was their soul, but the newest mention I can find is many years old. My question is there any recent documentation / information on setting up an openssh server with non-hardware based two factor authentication? This does NOT have to be google authenticator, any similar service will suffice. Any advice greatly appreciated Thanks in advance.