| Summary: | openVPN, 2FA - client does not ask for One Time Token | ||
|---|---|---|---|
| Product: | IPFire | Reporter: | Heino Gutschmidt <heino.gutschmidt> |
| Component: | openvpn | Assignee: | Assigned to nobody - feel free to grab it and work on it <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | Security | ||
| Priority: | - Unknown - | ||
| Version: | 2 | ||
| Hardware: | all | ||
| OS: | Unspecified | ||
OpenVPN client does not ask for One Time Token (if OTP is enabled for the user and the client package provided by IPFire is used to connect) verified versions: - IPFire 2.27 (x86_64) - Core-Update 170 and 174 - oss openVPN client 2.5.8 and 2.6.4 workaround: - add option "auth-user-pass" to client's config file fix: - insert into /srv/web/ipfire/cgi-bin/ovpnmain.cgi (around line 2452): print CLIENTCONF "auth-user-pass\r\n";