PAM RADIUS + common name=user scritp

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
tcaetano
OpenVpn Newbie
Posts: 5
Joined: Tue Mar 28, 2017 1:32 pm

PAM RADIUS + common name=user scritp

Post by tcaetano » Wed May 17, 2017 1:51 pm

Im running openvpn OpenVPN 2.3.4 community edition.

we are using the pam-raidus in order to authenticate users with otp, we are trying to pass a certification and we were asked if we could filter logins with certificates. (for example if i steal a user's phone i and i get/know the PIN, i could get the otp and connect with his user, but the server could be able to reject the connection scince i dont have his client certificate).

i found this link (https://serverfault.com/questions/35885 ... in-openvpn) wich allows to match common name from the certificate with username in order to allow connection.

is pam authentication compatible with a script?? or can i change the pam module in order to also use this script??

Post Reply