Skip to main content

How to configure OpenVPN to use WiKID Strong Authentication

These instructions will help you use WiKID Strong Authentication withOpenVPN on Linux.

 

plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so openvpn
      If you want to drop the requirement for client certificates, add the following as well:
client-cert-not-required
username-as-common-name
    • Then, on the client, specify that the user enter a password by adding this to the client.conf or client.opvn:
auth-user-pass

If you drop the requirement for client certificates on the server, you should also comment them out on the client:

#cert client.crt
#key client.key

Now you need to create the /etc/pam.d/openvpn file. It should only need two lines, one for authentication and one for account:

auth       sufficient   /lib/security/pam_radius_auth.so debug
account    sufficient    /lib/security/pam_radius_auth.so

That is it!

The WiKID Strong Authentication System is a very reasonably priced two-factor authentication solution. We invite you to learn more about our technology and architecture and to download and test the Enterprise version.

Keywords:



 

Copyright © WiKID Systems, Inc. 2024 | Two-factor Authentication