Page 1 of 1

FreeIPA 4.5.4 + OpenVPN 2.4.6 + OTP

Posted: Mon Nov 12, 2018 1:40 pm
by l0nedigit
Hello everyone,

I'm not sure if I am in the correct forum or not. But, I hope I am. Anyway, I am trying to get OTP to work the openvpn using FreeIPA for user account management. Has anyone ever set this up before?

I have tried a multitude of things with the openvpn pam shared object:
plugin "openvpn" (combining password+otp in one line)
plugin "openvpn login USERNAME password PASSWORD" (combining passowrd+otp in one line)
plugin "openvpn login USERNAME 'First Factor' PASSWORD 'Second Factor' OTP" (setting static-challeng in client.conf)

If I remove otp from the user account, I can login just fine. Just trying to wrap my head around the plugin so that it will work with FreeIPA OTP enabled accounts.

Any help is greatly appreciated.