TOTP + SSH unexpected issue

[1MachineElf]

Hi TrueNAS Friends,

So glad there is a TOTP feature in TrueNAS. Unfortunately, I'm having mixed results with it. For accessing SSH I have had no success, but at least for the web interface it is working reliably. I've searched the forums, and I haven't seen anyone else reporting the same issue. Here's what I'm seeing when I attempt to login with SSH:

Code:

me@client:~$ ssh root@truenas.example.com
Password for root@truenas.example.com:
One-time password (OATH) for `root':
Password for root@truenas.example.com:
One-time password (OATH) for `root':
Password for root@truenas.example.com:
One-time password (OATH) for `root':
root@truenas.example.com's password:

As shown above, what basically happens is I'm repeatedly asked to enter in my password, the TOTP code, the password, the TOTP code, etc. - Any ideas on what the problem is?

 

[1MachineElf]

Making progress. I can now login with the root account using 2FA.

I realized that I did not check the box in SSH service config for "Log in with root password" as instructed in the documentation: https://www.truenas.com/docs/core/system/2fa/#using-2fa-to-log-in-to-truenas

Thing is, I anticipated this configuration may be necessary, but before I knew about this step in the setup, I had already gone to the `sshd_config` file and edited the lines for root login and password auth. I guess those lines are not the same as what this setting in the GUI does.

I'm not accustomed to logging in with the root account. I wish I could use this feature with an unprivileged account too. Hopefully that's on the roadmap for a future release.