Hi all,
Currently I have the root user disabled.
I use a custom user to access my firewall.
If this users certificate expires, does this prevent me from accessing my firewall? Or is this certificate for the VPN only?
Thank you in advance.
Out of the box there is just username and password for authentication. You can add TOTP or use RADIUS which may have other factors configured.
OpenVPN is one use for user certificates but they can have other purposes.
Bart...
First, thank you for the reply!
So, logging into the OPNsense does not require a certificate then?
Nope, if you want to use client certs as an authentication factor, you'd need to put a reverse proxy on the management network that is capable of it. Something like this: https://www.ssltrust.co.uk/help/setup-guides/client-certificate-authentication
Not a bad idea, just a bit baroque http://catb.org/jargon/html/B/baroque.html ;)
Bart...
wow,
Much appreciated!