Antsle Forum

Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more. 

Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked. 

Please or Register to create posts and topics.

two factor authentication

Considering that the antsle is public facing and available via a subdomain URL, it seems fairly insecure for it to ONLY require a single password and not "lock" a user out after several repeated attempts at the password.  Using Selenium or some other web based testing tool a brute force attack would eventually succeed.

How is yours public facing?  The antman URL doesn't work outside my LAN and I can't ssh to my antsle unless I forward a port in my router.

 

Hi @acnicholls

That's correct, your antsle won't be accessible from outside your network unless you have it under a public IP. That being said, 2FA is in our roadmap.

@lancem - in anthill there is the ability to give the antsle an antsle.us subdomain which, I think makes it available outside the LAN.  I'll test it this weekend, but I'm positive I can get to it from any IP if I know the subdomain.

 

@mardo - any update?  This post has been active for quite sometime.

Hi Anthony:

Thanks for reaching out and requesting an update.  I apologize for the late reply as I just saw this post.
I'll let our developers know that you had inquired about 2FA.

Thank you,
antsle Support

if you want to add 2FA to your Ubuntu Antlets using SSH, I have used this method.

https://ubuntu.com/tutorials/configure-ssh-2fa#1-overview

 

 

daniel.luck has reacted to this post.
daniel.luck

Hi Daniel:

Thanks for sharing the article about adding 2FA to your Ubuntu antlets!

Thank you,
antsle Support

thanks @danielgalvan, but I really meant to the antman login, the administration webpage.  Not one of the antlets and SSH.

now for me to apologize, I only just now tested trying the antsle.us subdomain from somewhere off my LAN and it returns a timeout error, which is good enough, so long as it's not my login page. @mardo is correct.