
Dual-auth (LDAP + OTP)

Posted: Thu Apr 05, 2018 2:46 pm
by beepmeep
Hi,
I'm having some issues getting OpenVPN to work using both LDAP login and a TOTP token and hoping someone else has a solution that works.

What I've tried:
Using plugins openvpn-auth-ldap with openvpn-otp with challenge/response. This works, except that I can't get gnome-network-manager-openvpn to prompt for the challenge/response key in GUI (which is necessary for my Linux Mint users) - it works perfectly for Windows, though.

Recently I tried using openvpn-plugin-auth-pam with openvpn-auth-ldap, so that users would type their password+otpkey in a single string, but the issue with auth-ldap is that it doesn't filter out the last 6 digits from the password and it's being rejected in the LDAP plugin. This only works with a local user database :(

If anyone has any solutions or suggestions, I'd love to hear from you.

Thanks in advance,
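
The single-string approach in the post above needs the trailing six digits split off and checked before the remainder is sent to LDAP. The following Python is an added example, not part of the original thread and not code from either plugin; `ldap_bind` is a hypothetical callable supplied by the caller, and the secret is the published RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
import time

OTP_DIGITS = 6  # the "last 6 digits" appended to the password
STEP = 30       # TOTP time step in seconds
# Constructed sample: base32 of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(secret_b32, at, digits=OTP_DIGITS):
    """RFC 6238 TOTP (HMAC-SHA1) for the Unix time `at`."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", int(at) // STEP)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def split_credential(combined):
    """Split 'password+otpkey' into (password, otp); None if malformed."""
    if len(combined) <= OTP_DIGITS:
        return None  # nothing left over to use as the password
    password, otp = combined[:-OTP_DIGITS], combined[-OTP_DIGITS:]
    if not (otp.isascii() and otp.isdigit()):
        return None
    return password, otp

def authenticate(user, combined, secret_b32, ldap_bind, now=None, window=1):
    """Check the OTP first, then bind to LDAP with the stripped password.

    `ldap_bind(user, password)` is a hypothetical callable returning True
    on a successful bind. `window` allows +/- that many steps of clock drift.
    """
    parts = split_credential(combined)
    if parts is None:
        return False
    password, otp = parts
    now = time.time() if now is None else now
    otp_ok = False
    for drift in range(-window, window + 1):
        # Constant-time compare; no early exit so timing does not leak the step.
        if hmac.compare_digest(totp(secret_b32, now + drift * STEP), otp):
            otp_ok = True
    # The bind only happens after the OTP matched, and never sees the digits.
    return otp_ok and bool(ldap_bind(user, password))
```

A deployment would also need to reject reuse of an already accepted code within its validity window, which this example does not track.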

Re: Dual-auth (LDAP + OTP)

Posted: Thu Apr 05, 2018 4:59 pm
by TinCanTech
The problem is network-manager .. especially on Linux Mint ..

Re: Dual-auth (LDAP + OTP)

Posted: Fri Apr 06, 2018 7:10 am
by beepmeep
Thanks, but I'm aware of where the problems lie, I'm looking for solutions to make this work in GUI ;)