authentication

  1. [SOLVED] How to Create an Authentication Ticket via REST API?

    I can see in the API documentation where the endpoint is for creating an authentication ticket: https://pmg.proxmox.com/pmg-docs/api-viewer/index.html#/access/ticket I don't see anything in the main documentation describing how to use the REST API. I have provided the username and password...
  2. [SOLVED] FIDO2 / WebAuthn Only Single Factor Passwordless Authentication

    The current WebAuthn support is really great. Painless configuration and operation. Is there a way to remove password authentication and just use the WebAuthn only for single factor, passwordless authentication? I don't see any obvious way to do this.
  3. Any plan to add AD as an auth source ?

    There is no option to add an AD in the Realms page. To allow pulling users and groups from Active Directory Juste like we have in PVE ? Thanks
  4. Proxmox hinter Proxy .. Proxy an LXC durchreichen

    Hallo, ich habe zum testen auf der Firma einen Proxmox installiert. Wir haben keinen direkten Internetzugang, sondern nur über einen Proxy mit Authentication. Im PVE habe ich unter Optionen den Proxy eingetragen (http://username:password@proxy:port) das klappt auch, er bekommt seine...
  5. TFA / 2FA not available for PVE Realm ?

    Hi Guys, I'm quite new to proxmox, i have some virtual machines and everything is fine so far, now i wanted to implement 2FA in order to make it a little safer and because i was curious. Unfortunately, i can't activate 2FA / TFA for a pve user, it's available for pam though. I'd appreciate...
  6. Integration of AD and pve

    I am currently testing integration of AD with PVE including syncing and found the documentation and wiki somewhat incomplete. Especially there were two points can I use bind_dn and similar with AD as well (yes) how to filter a set of users and/or groups. Luckily there are options documented in...
  7. LDAP Sync Empty User filter?

    Hi, I'm setting up ldap sync on PVE as below, my understanding is I'm setting up the User classes and Group classes so that users and groups with that objectClass would be fetched regardingly. However with the User Filter and Group Filter, I want to fetch groups starts with pve_ and all users...
  8. Unable to Authenticate with AD User

    I have a Windows Domain that all of my boxes are joined too. I joined my two Proxmox hosts to the domain, and I'm able to su to Active Directory users and use them as normal on the local machine. However, when I go into proxmox, I get "Login Failed. Please try again" and in the syslog I get...
  9. LDAP Sync with nested Groups

    Hello everyone, I am currently trying to implement LDAP Sync for our Proxmox cluster. Basically it's working fine, the only thing I don't get to sync are the user to group associations when a user is in a nested group. This is the relevant content of my domains.cfg: ad: example.local...
  10. LDAP confguration

    Hi. I'm using PVE version 6.2-12 and can't find information relative to some of the LDAP configuration options in the documentation or elsewhere. Groupname attr. and the user and group filters are not explained in the official documentation and I can't find any examples of how they are...
  11. DerDanilo

    PBS integration security

    Just tested PBS PVE integration and was wondering if it will be possible to use "username + ssh key/client cert based authentication" instead of "username + password". Passwords are currently stored in clear text files within the pve configuration folder. I feel uncomfortable using password when...
  12. [SOLVED] Promox PAM Authentication not working against SSSD

    I'm trying to get Promox PAM Authentication working against FreeIPA. I've joined the Promox nodes to FreeIPA and I'm able to ssh into each of the nodes using both my password and ssh keys from FreeIPA. What seems to be going on is the order of operations in the PAM modules. Here are two...
  13. [SOLVED] WebUI denies login

    Hello! I have weird problem: after fresh install of Proxmox using Hetzner install script on Debian Buster (10.3 minimal) authentication via WebUI always fails wrong password. For any user and any realm. I've tried creating new users in system or PVE and add via SSH (auth using SSH key) using...
  14. Radius Authentication - SSH, SUDO, etc. working / Proxmox not

    Hello, Getting started with proxmox. Love it already! I´d like to see RADIUS Auth working on the Proxmox GUI :) SSH, SUDO, SU, etc all work with radius password. Any idea why Proxmox GUI is not? The user xxxxx has a radius password and a local PAM password. The local PAM password is working...
  15. Markus S.

    [SOLVED] Authentication with OpenID Connect

    We are using Auth0 (www.auth0.com) with an Azure AD enterprise connection for all our services that are hosted outside the company. I found a thread from 2018 regarding OpenID Connect auth for PVE. https://pve.proxmox.com/pipermail/pve-devel/2018-March/031317.html How is the state of this...
  16. after upgrade to PVE 6.0 don't work AD auth with SSL

    Hi All! I had a test cluster PVE 5.4 with authentication thru Active Directory (Win 2008 R2) with SSL enabled, worked well. After upgrade to PVE 6.0 any user got message "Login failed. Please try again" while trying to log on. In log I see: Aug 17 07:59:17 pve-test-00114983...
  17. V5.4 : does qm vncproxy not support VeNCrypt/X509Plain anymore ?

    Hi, For some reasons irrelevant to explain, I used to connect to VMs with an external VNC Viewer (TigerVNC), by setting up inetd.conf on the server. Until PVE 5.1 everything worked fine. I just set up a 5.4 server, and now vncviewer only prompts for password, not for username. It seems PVE...
  18. Facing issue with proxmox noVNC (API), Error 401 no ticket

    Hello I am new to proxmox, I'm trying to run noVNC using php. I authenticate Using API_URL/access/ticket and set ticket to cookie "PVEAuthCookie", see attachment I have tried to connect in the following way domain:8006/?console=kvm&novnc=1&vmid=100&vmname=name&node=namenode The error...
  19. U2F Key Integration and Backup Codes

    Hello everyone, I have used the Microsoft Authenticator for quiet a long time. Now I've purchased a U2F-Key, because I don't want to have to go to the other side of the room to grab my phone, unlock it, open Authenticator, log in again, read the code and type it in. Also I want to be able to...
  20. change ticket lifetime for url in daily spam report

    Hi, i need help to change ticket lifetime for url in daily spam report to be 2 days. Can we change ticket life time to be 2 days, and after 2 days system generate new ticket, and users couldn't open URL's older than 2 days. Note: LDAP Authentication enabled "configuration > Spam Detector >...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!