On Fri, 17 Apr 2015, Andrew Holway wrote:
In an obviously blatant promotion exercise and attempt to build page
Please could I have some critique on this article?
Your feedback would be really appreciated
Thanks for the nice article showing how to enable OpenVPN with
- Title is misleading as article is about setting up OpenVPN with
two-factor auth, not really about FreeIPA itself
- You mention "Using a completely standard client OpenVPN configuration
with only one addition “auth-user-pass” to prompt for a password we
are able to use OpenVPN to log into a network using password+OTP."
However, there is no config example that shows it. I would add that,
along the lines of using PAM plugin.
- It would probably be good to mention that by using PAM authentication
plugin you also get HBAC rules from FreeIPA to fine tune which users
can actually use this VPN concentrator. As it is, any user from your
system would be able to use VPN but most probably you'd want to limit
them by group membership and it is better to achieve by using HBAC
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project