Post Install Configuration SSH commands

    mkdir -p /lib64/security
    ls -lah /lib64/security
    cd /usr/lib64/security/
    ln -s /lib64/security/pam_google_authenticator.so pam_google_authenticator.so
    ln -s /lib64/security/pam_google_authenticator.la pam_google_authenticator.la
    ls -lah /usr/lib64/security/ | grep google
    cp /etc/pam.d/sshd{,.bak}
    sed -i "2iauth       required     pam_google_authenticator.so nullok" /etc/pam.d/sshd
    sed -i 's|^ChallengeResponseAuthentication .*|ChallengeResponseAuthentication yes|' /etc/ssh/sshd_config
    service sshd restart
    touch /etc/security/2fa-acl.conf
    echo "+ : ALL : 192.168.1.0/24" >> /etc/security/2fa-acl.conf
    echo "+ : ALL : LOCAL" >> /etc/security/2fa-acl.conf
    echo "- : ALL : ALL" >> /etc/security/2fa-acl.conf
    sed -i "2iauth [success=1 default=ignore] pam_access.so accessfile=/etc/security/2fa-acl.conf" /etc/pam.d/sshd
    /usr/bin/google-authenticator --time-based --disallow-reuse --window-size=17 --rate-limit=3 --rate-time=30 --force
    secretkey=$(head -n1 $HOME/.google_authenticator)
    backupcodes=$(tail -5 $HOME/.google_authenticator)
    echo
    echo "Your new secret key is: $secretkey"
    echo "Your emergency scratch codes are:"
    echo "$backupcodes"