I am using the OpenVPN plugin with PAM authentication enabled. By default, every user in passwd is able to authenticate using PAM authentication.
Is it possible to limit this right to certain users only to minimise the attack surface?
OpenVPN PAM authentication
-
- OMV 4.x
- justtim
-
-
Anyone?
-
You have users that are allowed to use the system but you don't want to vpn?
-
-
You have users that are allowed to use the system but you don't want to vpn?
Yes. I want to limit my VPN access as much as possible to reduce the attack surface.
-
Yes. I want to limit my VPN access as much as possible to reduce the attack surface.
Unfortunately, I don't use openvpn. I was just hoping to clarify what you were asking in case someone else who uses openvpn was reading. Maybe I thinking wrong on how the plugin works but if the user is required to get a cert and the admin has to add that user to allow them to download the cert, what is the risk? If someone can hack openvpn, limiting your user list won't help.
Participate now!
Don’t have an account yet? Register yourself now and be a part of our community!