Hello, Has anyone implemented challenge-response support to openvpn and openvpn gui?
I'd like to be able to authenticate openvpn users so that all these are required: 1) x509 certificate 2) username + password 3) one time password (otp) So after the user gets user+pass prompt, and the password is verified to be correct, the user will get another prompt asking for a one time password. OTP can be delivered as sms to the user, or it could be rsa securid value from the token, or something else.. Openvpn gui would need to be able to present additional prompt after the usual user+pass prompt.. For example openssh supports challenge-response, so user+pass+otp is possible with it. Thoughts/plans? -- Pasi