RPort
RPort
RPort
RPort
RPort Knowledge Base
👀 WHAT IS RPORT
Features and benefits of RPort
🚀 GETTING STARTED
Install the RPort Server
Launch RPort in the cloud
Install on Azure
Install on AWS EC2
Install on Digital Ocean
Install on Scaleway
Install on Google Compute
Install on Hetzner Cloud
Install RPort on any virgin cloud VM
Change the FQDN of the RPort server
Enable two factor authentication
Use push on mobile for 2FA
Connecting Clients
Using the remote access
Renaming and tagging of clients
Organize clients with groups
Activate the vault
🗣️ NEED HELP?
Troubleshoot common problems
Request Support
🔦 DIGGING DEEPER
Using the API
RPort Technology Explained
Client Configuration Options
Executing scripts
Advanced client management
Powered by GitBook

Enable two factor authentication

Add an extra layer of security to your account

Why 2FA and which to choose?

The more devices you manage with RPort the more powerful the RPort server becomes. If an unauthorized person get access to it, this person might take over partial or full control over your infrastructure. Getting access to your machines via RDP or SSH always requires login credentials of the operating system. But if you have scripts and command enabled, full control might be possible from the RPort dashboard.

Enabling two-factor authentication is therefore recommended. It prevents unauthorized usage of the RPort server if you or your teammates use weak passwords or passwords are stolen.

With 2FA enabled, you will receive a one-time token after the regular log in. The token is sent either by email or by a push message to your mobile.

Using email is free of cost, but the protection is weaker compared to a push message. Think of a lost or stolen laptop. If the laptop is not fully encrypted, the wrongdoer will have access to RPort and the email account. The 2FA is useless. If you select push messages for 2FA the wrongdoer must get access to the laptop and the mobile phone. And nowadays, mobiles are protected biometrical, so accessing the token is not that easy.

Enabling 2FA and the method how token are sent, is a global setting. You can not enable or disabel 2FA per user. All users must use the same token delivery method.

free two-factor sending service

Starting with rportd version 0.3 (late August 2021) all rport cloud installations have two-factor authentication via email enabled by default. Emails are sent via a free public service. This is good to start with a secure setup right from the beginning. The service comes without warranty or promised availability.

⚠️ If you plan to use RPort permanently and in a productive environment, stop using the free service. It's highly recommended using either your own SMTP server or switching to push messages.

Privacy notes

The free email service triggered by the script /usr/local/bin/2fa-sender.sh on your rport server submits the email and the token of the user over encrypted https to a web service operated by cloudradar GmbH. Email addresses are not used for any other purpose than dispatching the two-factor token. Email addresses are not stored.

Email sent by the free service for two-factor authentication
Previous
Change the FQDN of the RPort server
Next
Use push on mobile for 2FA
Last updated 4 weeks ago
Contents
Why 2FA and which to choose?
free two-factor sending service