Skip 2FA user and password authentication

How to customize and extend your OpenVPN installation.
Post Reply
flitec
OpenVpn Newbie
Posts: 1
Joined: Tue Jan 24, 2023 8:52 am

Skip 2FA user and password authentication

Post by flitec » Tue Jan 24, 2023 9:23 am

Hi all,
sorry we are new to openvpn and to the forum so please be patient.
We have setup a server on CENTOS 7 with 2FA we would like to know if it is possibile for some users to connect to the VPN just with the certificate (without user, passwd and 2FA) for a limited period of time......
Thanks for your help

The server configuration follows:

port 1194
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.0.8.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_Grl54G36xGMu9lB0.crt
key server_Grl54G36xGMu9lB0.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
dh none
ecdh-curve prime256v1
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
duplicate-cn
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so "openvpn login USERNAME password PASSWORD pin OTP"
verb 3

Post Reply