Bug 13109 - openVPN, 2FA - client does not ask for One Time Token
Summary: openVPN, 2FA - client does not ask for One Time Token
Status: MODIFIED
Alias: None
Product: IPFire
Classification: Unclassified
Component: --- (show other bugs)
Version: 2
Hardware: all Unspecified
: - Unknown - Security
Assignee: Michael Tremer
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-05-19 11:07 UTC by Heino Gutschmidt
Modified: 2025-05-12 17:21 UTC (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Heino Gutschmidt 2023-05-19 11:07:23 UTC 
OpenVPN client does not ask for One Time Token (if OTP is enabled for the user and the client package provided by IPFire is used to connect)

verified versions:

  - IPFire 2.27 (x86_64) - Core-Update 170 and 174
  - oss openVPN client 2.5.8 and 2.6.4


workaround: 

  - add option "auth-user-pass" to client's config file

fix:

  - insert into /srv/web/ipfire/cgi-bin/ovpnmain.cgi (around line 2452):

    print CLIENTCONF "auth-user-pass\r\n";
Comment 1 Adolf Belka 2025-04-16 13:25:46 UTC 
As this bug is related to IPFire-2.x then the component should always be --- as per the IPFire bug reporting documentation.
Comment 2 Michael Tremer 2025-05-12 17:21:35 UTC 
> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=1bf8788ff466d9c4f261c3979bc5924ecaa85fc0

Thank you for reporting this.