Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace:
пакет_openvpn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
пакет_openvpn [2025/09/15 09:22]
val [Использование PAM аутентификации] 		пакет_openvpn [2025/09/15 09:38] (current)
val [Использование PAM аутентификации]
Line 163: Line 163:
 -----END CERTIFICATE----- -----END CERTIFICATE-----
 </ca> </ca>
 +</​code>​
 +
 +=== Включение 2FA ===
 +
 +<​code>​
 +debian:~# cp /​etc/​pam.d/​login /​etc/​pam.d/​openvpn
 +
 +debian:~# cat /​etc/​pam.d/​openvpn
 +</​code><​code>​
 +auth required pam_google_authenticator.so authtok_prompt=pin
 +#auth required pam_google_authenticator.so authtok_prompt=pin user=root secret=/​etc/​openvpn/​google-auth/​${USER}
 +...
 +</​code>​
 +
 +  * [[Использование библиотеки PAM#​Использование pamtester]]
 +<​code>​
 +# cat /​etc/​openvpn/​openvpn1.conf
 +</​code><​code>​
 +...
 +plugin /​usr/​lib/​x86_64-linux-gnu/​openvpn/​plugins/​openvpn-plugin-auth-pam.so "​openvpn login USERNAME password PASSWORD pin OTP"
 +...
 +</​code><​code>​
 +debian:~# systemctl enable openvpn@openvpn1 --now
 +
 +debian:~# journalctl -f
 +...
 +Aug 29 09:45:09 debian openvpn(pam_google_authenticator)[2483]:​ Failed to read "/​home/​student/​.google_authenticator"​ for "​student"​
 +...
 +</​code><​code>​
 +# systemctl edit openvpn@openvpn1
 +</​code><​code>​
 +[Service]
 +ProtectHome=no
 </​code>​ </​code>​
 ==== Использование RADIUS аутентификации и учета ==== ==== Использование RADIUS аутентификации и учета ====
пакет_openvpn.1757917365.txt.gz · Last modified: 2025/09/15 09:22 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki