TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
Compare Editions
TrueCommand
Software Status
FreeNAS
Compare Systems
F-Series
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS Enterprise
Where to BuyTrueNAS SCALE Nightly Development Documentation
This content follows experimental early release software. Use the Product and Version selectors above to view content specific to a stable software release.
two_factor
3 minute read.
Last Modified 2024-03-15 13:07 EDTThe TrueNAS CLI guide for SCALE is a work in progress! New namespace and command documentation is continually added and maintained, so check back here often to see what is new!
auth two_factor commands are based on authentiation functions found in the SCALE API and web UI. Use to set up user two-factor authentication and view status for the user.
Enter auth ls to view the list of available commands and namespaces.
| Commands | Description |
|---|---|
auth two_factor config | Displays current 2FA settings for the currently logged-in user. |
auth two_factor update | Updates two-factor authentication settings for the ID entered. |
The interactive argument editor is a text user interface (TUI) that can help enter complex commands with multiple configurable properties. It shows expected properties, defaults, input types (string, boolean, integer, or array), and can include command instructions or warnings.
Optional properties, indicated by the # symbol, are disabled by default.
Required properties are enabled.
Do not disable properties that are enabled by default.
To configure required properties, enter a space after the colon then add the value.
To enable optional properties, delete # from the corresponding line.
Some required properties are disabled if they are part of a pair of properties where one or the other is required. Select one property to enable and enter a value.
Press F2 or click Save to save the modified file.
Press F10, Esc, or click Quit to exit the TUI. The command automatically executes upon exit.
The auth two_factor config displays current 2FA settings for the currently logged-in user.
auth two_factor config does not require entering properties or arguments.
Enter the command, then press Enter. The command returns a table with two-factor authentication properties for the currently logged-in user.
| Property | Description |
|---|---|
id | Displays the system-assigned ID number for the currently logged-in user. |
otp_digits | Displays the length (number of digits) allowed for a one-time password. |
secret | Displays <null>. |
window | Displays the number of passwords before and after the current remain valid for the currently logged-in user. |
interval | Displays the lifespan of a one-time password for the currently logged-in user. |
services | Displays <dict>. At present, viewing the contents of a dictionary is not available in the SCALE CLI. |
enabled | Displays true if two factor authentication is enabled for the currently logged-in user, or false if not configured or disabled. |
The auth two_factor update command changes 2FA settings.
auth two_factor update has five property arguments. Enter at least one property arguments.
See two_factor update Properties for details.
Enter the command string then press Enter. The command returns nothing when successful.
| Property | Description | Syntax Example |
|---|---|---|
enabled | Enter true to enable two_factor authentication for the currently logged-in user, or false to disable 2fa. | enabled=true or enabled=false |
otp_digits | Enter a number from six to eight to set the length of a one-time password. | otp_digits=6 |
window | Enter a number of passwords before and after the current remain valid. This extends the validity of one-time passwords. | window=2 |
interval | Enter a number to set the lifespan of a one-time password. | interval=30 |
services | Enter the true to enable or `false to disable 2FA for SSH logins. | services={“ssh”:true/false |