e1e10515ec
Add two-factor authentication (2FA) to OpenVPN host connections with one-time passwords. The 2FA can be enabled or disabled per host connection and requires the client to download it's configuration again after 2FA has beend enabled for it. Additionally the client needs to configure an TOTP application, like "Google Authenticator" which then provides the second factor. To faciliate this every connection with enabled 2FA gets an "show qrcode" button after the "show file" button in the host connection list to show the 2FA secret and an 2FA configuration QRCode. When 2FA is enabled, the client needs to provide the second factor plus the private key password (if set) to successfully authorize. This only supports time based one-time passwords, TOTP with 30s window and 6 digits, for now but we may update this in the future. Signed-off-by: Timo Eissler <timo.eissler@ipfire.org> |
||
|---|---|---|
| .. | ||
| vhosts.d | ||
| default-server.conf | ||
| global.conf | ||
| httpd.conf | ||
| listen.conf | ||
| loadmodule.conf | ||
| mod_log_config.conf | ||
| server-tuning.conf | ||
| ssl-global.conf | ||
| uid.conf | ||