tfa

.

Hello, I have a cluster of PVE 7 hosts which I want to upgrade to PVE 8 in-place. After updating one host, I cannot delete users in Datancenter -> Users: delete user failed: cannot update tfa config, following nodes are not up to date: cluster node 'pd115' provided an invalid version string...

So I have read plenty of posts about the TFA issue and recommendation but for some reason I can not even login in to the server directly when trying to disable TFA. GUI and CLI logins are all denied. Am I missing something? I followed the documentation for setting up the TFA so I am still...

Hello! I've been trying to figure out how to add a hardware totp token that has a 60 sec timer. Simple solution would be to buy the correct periodicity, but I was hoping someone may have already done this. Things I've tried: -Add the token via the TFA gui -> doesn't work since that only...

I noticed that I can setup in Configuration-> Other-> WebAuthn TFA just one domain, but I have multiple domains (separate domains, not sub domains) accessing this server. How can I setup WebAuthn for multiple domains?

Hi i am a little bit confused about the TFA config. I have a 3 nodes PVE cluster where on every node the root user has a different password. When I try to enable TOTP, even via user config I always landing on the Datacenter / Permissions / Two Factor config page. If I then create a TOTP for...

Ich habe aktuell folgendes Phänomen, ich habe eine Nutzerauthtentifizierung per LDAP eingerichtet was auch problemlos funktioniert. Nun wollte ich den Login weiter absichern und 2FA aktivieren was in erster Linie auch funktionierte .. also im Endeffekt 2FA angelegt über "totp" und den dann im...

Guten Morgen liebe Community, seit einigen Tagen ist auf meinem PBS kein Login mehr möglich. Über den Benutzernamen und das Passwort komme ich noch hinaus, die Eingabe vom zweiten Faktor klappt jedoch nicht mehr. Gibt es die Möglichkeit die 2FA Option für den Benutzer root(pam) zu deaktiveren...

I encountered an issue with using WebAuthn as a second factor. Previously, only TOTP was set up for my user account in the pve realm, and even now have never encountered an issue with this second factor. Having recently acquired an SSL certificate for my PVE node, I set up WebAuthn as an...

I had TFA enabled then wanted to add a cluster to add another node in my primary datacenter, so I started in the GUI added a cluster and then copied JOIN and went to 2nd node to add it and would not allow me because of TFA was enabled... so I went to TFA and disabled it via GUI then logged out...

Hi Guys, I'm quite new to proxmox, i have some virtual machines and everything is fine so far, now i wanted to implement 2FA in order to make it a little safer and because i was curious. Unfortunately, i can't activate 2FA / TFA for a pve user, it's available for pam though. I'd appreciate...

Ich würde gerne für meinen root user eine 2FA einrichten aber leider wird der qr code nicht erkannt. Jeder andere QR-Code funktioniert nur der nicht. Hat jemand eine Ahnung woran das liegen könnte. Danke im Voraus.

I tried to add a node to a Proxmox VE cluster using the GUI, but failed as I had two-factor authentication enabled on the root account. I could add the node after disabling TFA, but now I am wondering whether I will brick the cluster if I reenable TFA again. Does a Proxmox cluster require me...

Hello Proxmox Community, I tried using TFA with andOTP and it works just fine. But I want to use a hardware token. So I ordered one with the matching OATH specifications. running oathtool in the shell of my pve-host works just fine: oathtool --totp --digits 6 -s 30 -w 2 -b...

Hi There, Looks like there is a bug in PVE 5.4-3 when trying to login to the Proxmox WebUI (Mobile Version) when TFA is enabled for the user. The error given is “Login failed. Please enter the correct credentials”. If the full WebUI is forced on a mobile device, the credentials are accepted...

After upgrading to 5.4-3 TFA [2FA] seems to be completely broken ... Both Yubico and OATH methods now spit out an authentication error in GUI Interestingly the log shows that the user has been authenticated correctly ?? It all works fine in 5.3-11 Tested on 4 servers in total - exactly...

This seems more a feature request than anything but I thought this would be a good place to start. My office uses smartcards for authentication of just about everything. Computer logins, web sites, email, etc and all authentication is verified via Active Directory. It has been requested by our...

Hallo zusammen, ich habe folgendes Problem: Ich nutze eine TFA mit OTPs sowohl in der Webgui als auch für SSH. Mir ist dann aufgefallen, dass der Zugriff auf die VM Console nicht mehr funktioniert, wenn diese auf einem anderen Server liegt. Heißt ich bin auf Server 1 angemeldet und möchte auf...