Skip to content

Easily Setup with Two Factor Authentication in pgAdmin4 on Ubuntu

In this post we are going to setup pgAdmin4 with 2FA on ubuntu 18.04. pgAdmin4 supports two types of 2FA. This 2FA feature is available on server mode. The Two Factor Authentication add an additional layer of security to access the account.

Authentication Type

  • Email Authentication
  • Authenticator App (e.g.: Google Authenticator)

Two Factor Authentication in pgAdmin4 on Ubuntu

Install pgAdmin4 in server mode.

update ubuntu server

#apt update

Two Factor Authentication in pgAdmin4 on Ubuntu
Setup the repository
  • Install the public key for the repository.

#curl -fsS https://www.pgadmin.org/static/packages_pgadmin_org.pub | sudo gpg –dearmor -o /usr/share/keyrings/packages-pgadmin-org.gpg

  • Create the repository configuration file:

#sh -c ‘echo “deb [signed-by=/usr/share/keyrings/packages-pgadmin-org.gpg] https://ftp.postgresql.org/pub/pgadmin/pgadmin4/apt/$(lsb_release -cs) pgadmin4 main” > /etc/apt/sources.list.d/pgadmin4.list && apt update’

Install pgAdmin4.

#sudo apt install pgadmin4

Configure the webserver.

#/usr/pgadmin4/bin/setup-web.sh

Enter the email address that is used for administrative purpose and the first user to login. I have provided below email and password for my setup.

email: emailxxxx.xxxx@gmail.com

password: redhat

Now we are able to access pgadmin4 with local or system ip address. Here My ubuntu server ip address is 192.168.41.135

Let’s login. first

Now to enable MFA can go to below options.

Enable 2FA with Authenticator APP

To enable 2FA with Authenticator app, we need to install google authenticator app on our mobile and scan the QR code anf this will enable 2FA

Enable e-mail authentication.

We get the below error.

To get the OTP in our email address we can follow below steps.
  • Follow below steps to generate a “gmail password” for this pgadmin4 app..
  • go to “manage your google account” — security —- 2 steps verification.

Click on “App password” and click on “GENERATE. Copy the password and click Done.

  • Now we need to create a file named “config_local.py in the below directory and paste the below contents and the password that I we have created in above steps.

#cd /usr/pgadmin4/web

#nano config_local.py

Now restart the web service and let’s try to setup email authentication again.

#systemctl restart apache2

  • Let’s check our email, for the verification code.
  • To enforce 2FA to all users we can add below parameter in the file “config_local.py”

MFA_FORCE_REGISTRATION = True

Conclusion

In the post we have seen how to install and configure pgAdmin4 in server mode and configure with 2 Factor Authentication (e-Mail and Authenticator app).

For more Details, please visit pgadmin official website.

Also read our other postes: