Google Two-Factor - Authentication Apply Problem

Use this forum to share your VPN or network disasters. Show diagrams, traffic graphs, or whatever else you need (a video of you letting the 'smoke' out of our network gear).

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
dhvms
OpenVpn Newbie
Posts: 1
Joined: Sat Jan 29, 2022 10:17 am

Google Two-Factor - Authentication Apply Problem

Post by dhvms » Sat Jan 29, 2022 10:42 am

Hello Recently I am struggling with openvpn multi-factor authentication issue.

This problem has been confirmed as a problem that occurs in the CentOS6 .10 version, and this problem does not occur in the CentOS5 and 7 versions.

For more details, it is an error that authentication does not succeed if the client user uses the user PW and google verify-code together when logging in. The problem I checked was that the forward_pass option was not applied in the pam module.
As a result of my testing, when I log in with only user information or apply separately with Google OTP 6 digits, login works well.

I want to solve this problem and I would like some help. Below are my openvpn configuration files, pam module configuration files, and the error log I checked.


/etc/openvpn/openvpn.conf
-> plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so /etc/pam.d/openvpn


/etc/pam.d/openvpn
-> auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth required /lib64/security/pam_google_authenticator.so forward_pass
auth include system-auth
account include system-auth
password include system-auth

(/lib64/security/pam_google_authenticator.so The file exists in this path.)


tail -f /var/log/secure
-> openvpn(pam_google_authenticator)[6128]: Unrecognized option "forward_pass"

(I want to apply the forward pass option.)

Post Reply