| Summary: | openVPN, 2FA - client does not ask for One Time Token | ||
|---|---|---|---|
| Product: | IPFire | Reporter: | Heino Gutschmidt <heino.gutschmidt> |
| Component: | --- | Assignee: | Michael Tremer <michael.tremer> |
| Status: | MODIFIED --- | QA Contact: | |
| Severity: | Security | ||
| Priority: | - Unknown - | CC: | adolf.belka, michael.tremer |
| Version: | 2 | ||
| Hardware: | all | ||
| OS: | Unspecified | ||
As this bug is related to IPFire-2.x then the component should always be --- as per the IPFire bug reporting documentation. > https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=1bf8788ff466d9c4f261c3979bc5924ecaa85fc0
Thank you for reporting this.
|
OpenVPN client does not ask for One Time Token (if OTP is enabled for the user and the client package provided by IPFire is used to connect) verified versions: - IPFire 2.27 (x86_64) - Core-Update 170 and 174 - oss openVPN client 2.5.8 and 2.6.4 workaround: - add option "auth-user-pass" to client's config file fix: - insert into /srv/web/ipfire/cgi-bin/ovpnmain.cgi (around line 2452): print CLIENTCONF "auth-user-pass\r\n";