Using WiKID Strong Authentication with OpenVPN

How to configure OpenVPN to use WiKID Strong Authentication

These instructions will help you use WiKID Strong Authentication withOpenVPN on Linux.

plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so openvpn
If you want to drop the requirement for client certificates, add the following as well:
client-cert-not-required
username-as-common-name
  • Then, on the client, specify that the user enter a password by adding this to the client.conf or client.opvn:
  • auth-user-pass

    If you drop the requirement for client certificates on the server, you should also comment them out on the client:

    #cert client.crt
    #key client.key

    Now you need to create the /etc/pam.d/openvpn file. It should only need two lines, one for authentication and one for account:

    auth       sufficient   /lib/security/pam_radius_auth.so debug
    account    sufficient    /lib/security/pam_radius_auth.so

    That is it!

    The WiKID Strong Authentication System is a very reasonably priced two-factor authentication solution. We invite you to learn more about our technology and architecture and to download and test the Enterprise version.

    Ever since deploying WiKID, we  have  secured our Production systems from unauthorized access and maintained PCI compliance