RPort
  • RPort Knowledge Base
  • 👀WHAT IS RPORT
    • Features and benefits of RPort
      • Full feature list
    • Screenshots
    • Release Notes
      • 1.1.2
      • 1.1.0
      • 1.0.5
      • 1.0.4
      • 1.0.3
      • 1.0.2
      • 1.0.1
  • 🚀GETTING STARTED
  • Install the RPort Server
    • Launch RPort in the cloud
    • Install on-premises
    • Install on Vultr
    • Install on Azure
    • Install on AWS EC2
    • Install on Digital Ocean
    • Install on Scaleway
    • Install on Google Compute
    • Install on Hetzner Cloud
    • Install RPort on any virgin cloud VM
    • Change the FQDN of the RPort server
    • Enable two factor authentication
      • Use push on mobile for 2FA
      • Use TOTP
  • Connecting Clients
  • Using the remote access
    • Creating tunnels
      • VNC via browser
      • VNC via VNC® Viewer from RealVNC®
      • RDP via Browser
    • Open SSH from the browser
    • Scp,sftp through a tunnel
  • Renaming and tagging of clients
  • Organize clients with groups
  • Activate the vault
  • Manage users and permissions
  • Video Courses
    • Installation Preparation
    • Install on Prem
    • Install on Cloud
    • Client installation
    • Remote Access
    • Network communication
  • 🗣️ NEED HELP?
    • Troubleshoot common problems
      • RPort Server not starting
      • Restart rport through a tunnel
      • Attributes file path not set
      • Recover lost passwords
      • Client is not connecting
      • Id is already in use
  • 🔦DIGGING DEEPER
    • Using the API
      • Create client credentials
    • RPort Technology Explained
      • RPort Security Model
    • Commands and Scripts
      • Executing commands
      • Executing scripts
      • Tacoscript
    • The scheduler
    • File copy and reception
    • Client Configuration Options
      • Supervision of OS updates
      • Script and command execution
    • Advanced client management
      • Install the RPort client manually
      • Uninstall the RPort client
    • Server Maintenance
      • Monitoring of RPortd
      • Updating RPort
      • Backing up the rport server
      • Renewing certificates
    • FAQ
      • How to use Cloudflare
    • High Availability
    • Install on macOS
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Install the RPort Server
  2. Enable two factor authentication

Use push on mobile for 2FA

Use the Pushover app to receive one-time tokens

PreviousEnable two factor authenticationNextUse TOTP

Last updated 1 year ago

Was this helpful?

Use push messages for 2FA

RPort supports sending one-time tokens to mobile phones via . Pushover is a very tiny and versatile app available for and .

By creating a custom script you can send the token via any delivery method. This enables you to use Telegram or other messengers too. .

You can use the app free for 30 days and after that trial it costs ~€6,00. This is a one-time payment. Receiving messages is free.

Install the app on your mobile and create your account. Or go to pushover and create your account there. Each person who wants to receive tokens on the mobile need its own Pushover account.

With a Pushover account, you are allowed to receive and to send messages. Only receiving is enabled by default. To set up the 2FA you need to enable sending too. This must be done only by one person, typically the main administrator of the RPort server.

Create your account and generate a token

Go to https://pushover.net and log in to your account (top-right corner). The credentials are the same on the mobile and on the web.

Scroll down to "Your Applications" and create a "new application/API Token". This enables sending messages.

Enter RPort as the name of the application and confirm the terms. A token is displayed. This is your sender token.

You now have

  1. a user key, that is for receiving messages

  2. And an application API token, that is for sending messages.

Test your key and token

Log in to your rport server via SSH and execute the following test command. You should receive a push message almost instantly on your mobile.

API_TOKEN=<APPLICATION_API_TOKEN>
USER_KEY=<YOUR_PERSONAL_KEY>
curl -s \
  --form-string "token=${API_TOKEN}" \
  --form-string "user=${USER_KEY}" \
  --form-string "message=hello world" \
  --form-string "title=Just a test" \
  https://api.pushover.net/1/messages.json

If the test message was sent successfully, proceed to the next step. If not, double-check you are using the right key and token.

Activate 2FA on the rport server

Open the configuration file /etc/rport/rportd.conf with an editor. Scroll down to the where two-factor is configured, and add the following lines.

two_fa_token_delivery = 'pushover'
two_fa_token_ttl_seconds = 600

Scroll further down to the [pushover] section and enter your API token and one user key. Restart the rport server with systemctl restart rportd.

The user key is only used to verify the pushover connection on server start. No messages will be sent to this user key. User keys for sending the one-time token are configured per user. Entering the key of one user is harmless because the key doesn't provide access to the user account or any other personal data.

If the server refuses to start, execute the following command to see what's going wrong.

su - rport -s /bin/bash -c "rportd -c /etc/rport/rportd.conf"

Update the database

If the server is running after you made the above changes – check with systemctl status rportd – enter at least one pushover user key to the database.

DB_FILE=/var/lib/rport/auth.db
USER_KEY=<YOUR_KEY>
cat <<EOF|sqlite3 $DB_FILE
UPDATE users SET two_fa_send_to="$USER_KEY" WHERE username="admin";
EOF

This will update the user key of the user admin. The keys of all other users can be updated via the web UI. Changing the database doesn't require a server restart.

Try to log in with your username and password. A message "Verify it's you" should appear, and your mobile should ring.

Pushover
Android
IOS
Learn more
Enable message sending by creating an application
Your token for sending messages
Token sent to your mobile.