Skip to content
/ 2fa-plugin-jenkins Public

The plugin that integrates 2FA with the default Jenkins user management system.

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

chekist32/2fa-plugin-jenkins

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
.github
.github
 
 
.mvn
.mvn
 
 
docs/images
docs/images
 
 
src/main
src/main
 
 
.gitignore
.gitignore
 
 
Jenkinsfile
Jenkinsfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
pom.xml
pom.xml
 
 

Repository files navigation

2FA for Jenkins

logo

Description

This project is a fork of the jenkinsci/miniorange-two-factor-plugin with a refactored code base, removed banners and added TOTP Authentication.

Supported Authentication methods

  • Security Questions
  • OTP Over Email
  • TOTP Authenticator
  • Duo Push Notification [Not implemented yet]
  • Yubikey hardware token [Not implemented yet]
  • OTP over SMS [Not implemented yet]
  • Backup code [Not implemented yet]

Features of Jenkins 2FA plugin

  • Enable and disable 2FA for all users in a single click
  • 2FA supported for all security realms
  • Enable 2FA for users in specific groups [Not implemented yet]
  • Disable 2FA for users in specific groups [Not implemented yet]

Getting started

Prerequisites

Installation

  • Download plugin

    • Go to the Releases page and download the latests plugin release.

  • Verify signature (Optional)

    • Import the public signing key.
    gpg --keyserver keyserver.ubuntu.com --recv-keys EB39AE11A97F961E7F1C97528C65DB4C128B09E9
    • Download related signature and verify.
    gpg --verify plugin_file_name.hpi.sig

    You should see something like this:

    $ gpg --verify 2fa-jenkins-plugin-1.0.0.hpi.sig 
gpg: assuming signed data in '2fa-jenkins-plugin-1.0.0.hpi'
gpg: Signature made Fri 31 May 2024 08:31:02 PM CEST
gpg:                using EDDSA key EB39AE11A97F961E7F1C97528C65DB4C128B09E9
gpg: Good signature from "github-chekist32" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: EB39 AE11 A97F 961E 7F1C  9752 8C65 DB4C 128B 09E9

  • Install plugin

    • Go to Manage Jenkins > Plugins > Advanced settings
    • Click Choose file button and upload the .hpi file.
    • Click Deploy. image
    • Reload the Jenkins instance.

Usage

Important Note

A Jenkins instance must have configured https in order to be able to use this plugin.

Configure global settings (Admin)

  • Go to Manage Jenkins > 2FA Global Configurations image

  • Enable 2FA for all users image

  • Choose methods that can be used by users as 2FA image

Otp Over Email

  • Go to Manage Jenkins > Configure System (E-mail Notification section) image

  • Here you have to setup the mailer plugin in order to be able to use the Otp Over Email method. You can follow this guide. image

Configure specific 2FA Method (User)

  • Go to User profile > 2FA Configuration image

  • Here you can configure or reset 2FA methods enabled in global settings image

About

The plugin that integrates 2FA with the default Jenkins user management system.

Topics

security authentication jenkins-plugin totp 2fa otp-email

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 2

v1.0.2 Latest
Jun 1, 2024
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages