Dual-auth (LDAP + OTP)
Posted: Thu Apr 05, 2018 2:46 pm
Hi,
I'm having some issues getting OpenVPN to work using both LDAP login and a TOTP token and hoping someone else has a solution that works.
What I've tried:
Using plugins openvpn-auth-ldap with openvpn-otp with challenge/response. This works, except that I can't get gnome-network-manager-openvpn to prompt for the challenge/response key in the GUI (which is necessary for my Linux Mint users) - it works perfectly for Windows, though.
Recently I tried using openvpn-plugin-auth-pam with openvpn-auth-ldap, so that users would type their password+otpkey in a single string, but the issue with auth-ldap is that it doesn't filter out the last 6 digits from the password and it's being rejected in the LDAP plugin. This only works with a local user database.
If anyone has any solutions or suggestions, I'd love to hear from you.
Thanks in advance,
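The split the post says auth-ldap does not perform, as an added example that is not part of the original post or of any plugin named in it: the last 6 digits are peeled off the combined string, checked as an RFC 6238 TOTP, and only the bare password is returned for the LDAP bind. The function names, the Base32 per-user secret, the 30-second step and the one-step drift window are assumptions; the LDAP bind itself and replay tracking of used codes are left to the caller.

```python
import base64
import hashlib
import hmac
import struct
import time

OTP_DIGITS = 6  # the post describes a 6-digit token appended to the password
STEP = 30       # assumed TOTP period in seconds (RFC 6238 default)


def totp(secret_b32, at, digits=OTP_DIGITS, step=STEP):
    """RFC 6238 TOTP (HMAC-SHA1) for the Unix time `at`."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", int(at) // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def split_credential(combined, digits=OTP_DIGITS):
    """Split 'password' + 'otp' into (password, otp); None if malformed."""
    if len(combined) <= digits:
        return None  # no room for a non-empty password
    password, otp = combined[:-digits], combined[-digits:]
    if not (otp.isascii() and otp.isdigit()):
        return None
    return password, otp


def check_otp_and_strip(combined, secret_b32, now=None, window=1):
    """Return the bare password for the LDAP bind if the OTP is valid, else None."""
    parts = split_credential(combined)
    if parts is None:
        return None
    password, otp = parts
    now = time.time() if now is None else now
    ok = False
    # Accept +/- `window` steps of clock drift; compare in constant time
    # and do not stop at the first match.
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, now + drift * STEP)
        ok |= hmac.compare_digest(expected, otp)
    return password if ok else None
```

A password that itself ends in digits is handled correctly because the split is by position, not by pattern; a failed OTP returns `None` so the LDAP bind is never attempted with it.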