OpenVPN PAM authentication

  • I am using the OpenVPN plugin with PAM authentication enabled. By default, every user in passwd is able to authenticate using PAM authentication.
    Is it possible to limit this right to certain users only to minimise the attack surface?

    • Offizieller Beitrag

    You have users that are allowed to use the system but you don't want to vpn?

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    Yes. I want to limit my VPN access as much as possible to reduce the attack surface.

    Unfortunately, I don't use openvpn. I was just hoping to clarify what you were asking in case someone else who uses openvpn was reading. Maybe I thinking wrong on how the plugin works but if the user is required to get a cert and the admin has to add that user to allow them to download the cert, what is the risk? If someone can hack openvpn, limiting your user list won't help.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!