OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • TOTP GUI restriction for Users
« previous next »
  • Print
Pages: [1]

Author Topic: TOTP GUI restriction for Users  (Read 3043 times)

nlaird80

  • Newbie
  • *
  • Posts: 16
  • Karma: 0
    • View Profile
TOTP GUI restriction for Users
« on: September 06, 2016, 10:02:30 pm »
We allow our users of VPN to sign into the management GUI and only access the password management page. This lets them self-service a password change. What we would also like to allow is self-service for TOTP seeds (at a minimum the ability to get their QR). I cannot determine if there is already a permission in the access-control.

Any way to allow self-service for this? I would even be willing to accept self service to their own account management page (but not other users')

Thanks!
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13692
  • Karma: 1176
    • View Profile
Re: TOTP GUI restriction for Users
« Reply #1 on: September 19, 2016, 12:45:46 am »
Hi there,

At the moment there is no "profile" page for users that is tailored for read-only access of their settings.

I don't know what the best place would be for such a feature and what other data it should display.

Aiming for a simple solution... maybe showing the QR code on the password change page would be enough if the user has an OTP seed assigned?


Cheers,
Franco
Logged

nlaird80

  • Newbie
  • *
  • Posts: 16
  • Karma: 0
    • View Profile
Re: TOTP GUI restriction for Users
« Reply #2 on: September 21, 2016, 09:02:22 pm »
That would most likely be enough. We just want users to be able to change their own passwords and/or get their QR code without the admin from manually distributing them all (50+).
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13692
  • Karma: 1176
    • View Profile
Re: TOTP GUI restriction for Users
« Reply #3 on: September 21, 2016, 09:17:25 pm »
I've recorded this as ticket https://github.com/opnsense/core/issues/1197 just now, thanks
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • TOTP GUI restriction for Users
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2