How to do automatic 2FA with SSH/SCP on Windows (ideally using PuTTY+WinSCP)?

windows-10 ssh putty winscp two-factor-authentication

Neither WinSCP nor PuTTY provide a way to automate the 2FA authentication.

And even if they did, a question is whether the system that provides you the code (which you didn't tell us anything about) would allow you to obtain it automatically. It would kind of defy its purpose.


A possible solution is if your client IP addresses are static, which is to set SSH on the Linux server to skip authorization for your IPs.

The post SSH Google Authenticator Ignore/Whitelist ips has this answer:

In "/etc/pam.d/sshd"

auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf
auth required pam_google_authenticator.so

Then on "/etc/security/access-local.conf"

#localhost doesn't need two step verification
+ : ALL : 192.168.1.0/24
+ : ALL : LOCAL
+ : ALL : YOURIPHERE
#All other hosts need two step verification
- : ALL : ALL      Don't forget to restart ssh.

Beside IP addresses, I don't see another way of distinguishing the clients. You might consider using a jump server having a static IP, so that these clients will connect through it and will this way be exempt from authentication.

Related

How to save anchor points in photoshop?
Small sized GPG command-line tool for Windows
"Mount" for .ISO's disappeared from context menu
Word Templates - how to make a document portable?
What would happen if I force installed a Linux driver into Mac OS X?
What's the advantage of buying an iMac over building a Hackintosh?
Why is it still not possible to cut files to paste them elsewhere in Catalina? [duplicate]
Does online gaming use data?
What did iOS do before multitasking?
I accidentally used "touch .." , is there a way to safely delete this document?
Why do I have to "renew Touch ID purchases" all the time?
Is there an iOS app that measures/reports the battery charging current?