OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: WhiteTiger on June 22, 2020, 10:28:17 am

Title: in Tester, OK with Local server but error with TOTP Server
Post by: WhiteTiger on June 22, 2020, 10:28:17 am
I am new to OPNsense and I am following the guide to enable 2FA with Google Authenticator.
I create the TOTP server and a second user, then I go to the Tester.
If I choose Local server, the test works.
If I choose TOTP Server I have an authentication error.
In this case, however, I expected a field to appear on the screen where you can enter the Google Authenticator code but only the one for the username and password always appears.

I didn't understand if, also to do the test, I have to enable the TOTP server in System / Settings / Administration / Authentication.
I wish I could be sure that I can always authenticate as root without 2FA until everything works properly.
Title: Re: in Tester, OK with Local server but error with TOTP Server
Post by: franco on June 22, 2020, 12:20:35 pm
The connector is most likely Local+TOTP so you input both the local password and the token in the order that you set in the authentication server settings.


Cheers,
Franco
Title: Re: in Tester, OK with Local server but error with TOTP Server
Post by: WhiteTiger on June 22, 2020, 04:12:25 pm
> The connector is most likely Local+TOTP so you input both the local password and the token in the order that you set in the authentication server settings.

I understand, I have to type "TokenPassword" in the same field.
Many thanks.

What I didn't understand is where I can set the "PasswordToken" request.

I did not understand why there are no two separate fields as is usually done.
In this way you cannot use services like LastPass to store very long and randomly generated passwords because it would always be known as a different password.
Title: Re: in Tester, OK with Local server but error with TOTP Server
Post by: franco on June 25, 2020, 02:28:05 pm
> I did not understand why there are no two separate fields as is usually done.

That's not an objective statement. You're using confirmation bias here and you will most likely work with GUI more than terminals where a second input box is far more problematic when you think of e.g. standardised PAM authentication exchange and the like.  :)

> What I didn't understand is where I can set the "PasswordToken" request.

I'm unable to process this. Can you rephrase?


Cheers,
Franco
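
The single-field Local+TOTP input discussed in this thread, sketched as an added example (not part of the original posts and not OPNsense's own code): one field is split into token and password according to a configured order, and both factors are checked. Assumptions: 6-digit, 30-second HMAC-SHA1 tokens (the RFC 6238 defaults), a PBKDF2 password hash, and the hypothetical names `token_first`, `split_combined` and `verify_combined`.

```python
import base64
import hashlib
import hmac
import struct

DIGITS, STEP = 6, 30  # assumed RFC 6238 defaults: 6 digits, 30-second time step

def totp(secret_b32, unix_time):
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing unix_time."""
    key = base64.b32decode(secret_b32, casefold=True)
    mac = hmac.new(key, struct.pack(">Q", int(unix_time) // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)

def hash_password(password, salt):
    """Password hash for the constructed account below (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def split_combined(field, token_first):
    """Split the single input into (token, password), or None if malformed."""
    if len(field) <= DIGITS:
        return None
    token, password = ((field[:DIGITS], field[DIGITS:]) if token_first
                       else (field[-DIGITS:], field[:-DIGITS]))
    if not (token.isascii() and token.isdigit()):
        return None
    return token, password

def verify_combined(field, user, now, token_first=True, window=1):
    """Both factors must pass; adjacent time steps are accepted for clock drift."""
    parts = split_combined(field, token_first)
    if parts is None:
        return False
    token, password = parts
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    token_ok = any(hmac.compare_digest(totp(user["secret"], now + d * STEP), token)
                   for d in range(-window, window + 1))
    return pw_ok and token_ok

# Constructed sample account; the secret is the RFC 6238 test key in base32.
USER = {"salt": b"constructed-salt", "secret": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"}
USER["pw_hash"] = hash_password("long-random-password", USER["salt"])

if __name__ == "__main__":
    print(verify_combined("287082long-random-password", USER, now=59))
    print(verify_combined("long-random-password287082", USER, now=59, token_first=False))
```

Because the token half changes every time step, the full string submitted in the field is different on each login even though the password half is constant.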