Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
PAM
« previous
next »
Print
Pages: [
1
]
Author
Topic: PAM (Read 9836 times)
strebor
Newbie
Posts: 5
Karma: 0
PAM
«
on:
November 05, 2016, 11:09:43 am »
Hi opnsensonians.
Am I correct in thinking that from 17.1 I will be able to use Yubico's PAM module on OpenVpn?
Regards Strebor
Logged
franco
Administrator
Hero Member
Posts: 17660
Karma: 1611
Re: PAM
«
Reply #1 on:
November 07, 2016, 07:36:57 am »
Hi Strebor,
I don't think so. PAM authentication on the roadmap is supposed to do the following:
Provide a unified PAM plugin for the full OPNsense authentication framework so that you can e.g. use TOTP on SSH connections.
It potentially allows us to expand all PAM-capable services to use said framework, driven from the config.xml, fully restorable and also freely extensible in terms of future plugins.
Does that answer your question?
Cheers,
Franco
Logged
strebor
Newbie
Posts: 5
Karma: 0
Re: PAM
«
Reply #2 on:
November 08, 2016, 10:49:52 am »
Thanks Franco, I was hoping to use my Yubikey for authentication just with OpenVPN.
Strebor
Logged
franco
Administrator
Hero Member
Posts: 17660
Karma: 1611
Re: PAM
«
Reply #3 on:
November 08, 2016, 11:28:03 am »
YubiKey authentication would be intersting for our core authentication framework, not just OpenVPN. So far we've incorporated TOTP, but we're not against including other types. It's just that we can't align more authentication methods with the global roadmap and the work we still want to do in other parts of the system or the underlying system components.
You can open a feature request on GitHub, chances are that somebody will agree and work on it, although no guarantees can be given:
https://github.com/opnsense/core/issues
Thanks,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
PAM