Get a Quote     (408) 943-4100   TrueNAS Discord VendOp_Icon_15x15px Commercial Support
TrueNAS.com Software Systems Company Community Security iX Portal Download
TrueNAS CORE TrueNAS Enterprise TrueNAS SCALE TrueCommand Compare Editions Software Status FreeNAS
Compare Systems M-Series X-Series R-Series Mini Series
Contact Us iXsystems Careers Clients Reviews
TrueNAS GitHub Community Forum Discord TrueNAS Merch Store
Application Backup and Archival Cloud Media Workflows Video Surveillance Virtualization
Industry Education Government Healthcare Research / AI / ML Media & Entertainment
Enterprise Support Community Support Documentation TrueNAS Security FAQ iX Blog TrueNAS Blog
Case Studies White Papers Solution Briefs iX Portal Plugins & Apps ZFS Videos
Download TrueNAS CORE Download TrueNAS SCALE Get TrueNAS Enterprise Where to Buy
  1. TrueNAS SCALE 23.10
  2. /
  3. CLI Reference Guide
  4. /
  5. Auth
  6. /
  7. Two_Factor
Edit page
TrueNAS SCALETrueNAS SCALE Version Documentation
This content follows the TrueNAS SCALE 23.10 (Cobia) releases. Use the Product and Version selectors above to view content specific to different TrueNAS software or major version.

Two_Factor

  3 minute read.

Last Modified 2024-03-19 08:38 EDT

The SCALE CLI guide is a work in progress! New namespace and command documentation is continually added and maintained, so check back here often to see what is new!

Two_Factor Commands

The two_factor namespace has two commands is based on functions found in the SCALE API and web UI. It provides access to two-factor authentication (2FA) configuration methods through the two two_factor commands.

Config Command

The config command displays current 2FA settings

Description

The config command does not require entering properties or arguments. Enter the command, then press Enter. The command returns a table with the current two-factor settings.

Usage

From the CLI prompt, enter:

auth two_factor config

auth two_factor config
+------------+--------+
|         id | 1      |
| otp_digits | 6      |
|     secret | <null> |
|     window | 0      |
|   interval | 30     |
|   services | <dict> |
|    enabled | false  |
+------------+--------+

Update Command

The update command updates 2FA settings and requires one of five arguments in the command string: enabled, otp_digits, window, interval, and services.

Description

The update enabled command requires you to include either the true (enable) or false (disable) option. Enter the command string, then press Enter. The command returns nothing when successful.

Usage

From the CLI prompt, enter:

auth two_factor update enable=true/false

Where true* enables two-factor authentication, and false disables it.

auth two_factor update enabled=true

Description

The update otp_digits command requires you to include a number from six to eight. Enter the command string, then press Enter. The command returns nothing when successful, and returns an error when you enter an invalid integer.

Usage

From the CLI prompt, enter:

auth two_factor update otp_digits=number

Where number is the number of digits from six to eight.

auth two_factor update otp_digits=6

Description

The update window command extends the validity of one-time passwords and requires you to include an integer. Enter the command string, then press Enter. The command returns nothing when successful, and returns an error when you enter an invalid integer.

Usage

From the CLI prompt, enter:

auth two_factor update window=number

Where number is the number of passwords before and after the current one that are still valid. Must be between 0 and 999999999999999999.

auth two_factor update window=1

Description

The update interval command sets the lifespans of one-time passwords and requires you to include an integer. Enter the command string, then press Enter. The command returns nothing when successful, and returns an error when you enter an invalid integer.

Usage

From the CLI prompt, enter:

auth two_factor update interval=number

Where number is the number (in seconds) an OTP will last before expiring. Must be between 5 and 999999999999999999.

s

auth two_factor update interval=30

Description

The update services command enables or disables 2FA for SSH logins, and requires you to include an argument. Enter the command string, then press Enter. The command returns nothing when successful.

Usage

From the CLI prompt, enter:

auth two_factor update services={“ssh”:true/false

Where true/false enables (true) or disables (false) SSH 2FA authentication.

auth two_factor update services={"ssh":true}

Have more questions or want to discuss your specific configuration? For further discussion or assistance, see these resources:

Found content that needs an update? You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).