tfa

  1. U

    Ticket API OTP Failing

    I have created a new user accout on the PVE instance. I have also added a TOTP 2fa entry for this user. If I login as the user via the GUI login, the 2fa code works and login occurs as expected. There are two log entries generated during the login process. The first is after the username and...
  2. K

    Cannot delete user: invalid version string

    Hello, I have a cluster of PVE 7 hosts which I want to upgrade to PVE 8 in-place. After updating one host, I cannot delete users in Datancenter -> Users: delete user failed: cannot update tfa config, following nodes are not up to date: cluster node 'pd115' provided an invalid version string...
  3. L

    TFA

    So I have read plenty of posts about the TFA issue and recommendation but for some reason I can not even login in to the server directly when trying to disable TFA. GUI and CLI logins are all denied. Am I missing something? I followed the documentation for setting up the TFA so I am still...
  4. D

    TFA with 60 sec timer

    Hello! I've been trying to figure out how to add a hardware totp token that has a 60 sec timer. Simple solution would be to buy the correct periodicity, but I was hoping someone may have already done this. Things I've tried: -Add the token via the TFA gui -> doesn't work since that only...
  5. M

    WebAuthn with multiple Domains

    I noticed that I can setup in Configuration-> Other-> WebAuthn TFA just one domain, but I have multiple domains (separate domains, not sub domains) accessing this server. How can I setup WebAuthn for multiple domains?
  6. E

    confused by TFA config

    Hi i am a little bit confused about the TFA config. I have a 3 nodes PVE cluster where on every node the root user has a different password. When I try to enable TOTP, even via user config I always landing on the Datacenter / Permissions / Two Factor config page. If I then create a TOTP for...
  7. J

    2FA TFA LDAP funktioniert kurz nach Einrichtung und einen Tag später nicht mehr

    Ich habe aktuell folgendes Phänomen, ich habe eine Nutzerauthtentifizierung per LDAP eingerichtet was auch problemlos funktioniert. Nun wollte ich den Login weiter absichern und 2FA aktivieren was in erster Linie auch funktionierte .. also im Endeffekt 2FA angelegt über "totp" und den dann im...
  8. I

    PBS TFA deaktivieren - Login Probleme

    Guten Morgen liebe Community, seit einigen Tagen ist auf meinem PBS kein Login mehr möglich. Über den Benutzernamen und das Passwort komme ich noch hinaus, die Eingabe vom zweiten Faktor klappt jedoch nicht mehr. Gibt es die Möglichkeit die 2FA Option für den Benutzer root(pam) zu deaktiveren...
  9. S

    [SOLVED] Unable to login with WebAuthn

    I encountered an issue with using WebAuthn as a second factor. Previously, only TOTP was set up for my user account in the pve realm, and even now have never encountered an issue with this second factor. Having recently acquired an SSL certificate for my PVE node, I set up WebAuthn as an...
  10. S

    [SOLVED] creating cluster for 2 nodes and TFA is enabled so I can't Join 2nd node then disable TFA no GUI access

    I had TFA enabled then wanted to add a cluster to add another node in my primary datacenter, so I started in the GUI added a cluster and then copied JOIN and went to 2nd node to add it and would not allow me because of TFA was enabled... so I went to TFA and disabled it via GUI then logged out...
  11. H

    TFA / 2FA not available for PVE Realm ?

    Hi Guys, I'm quite new to proxmox, i have some virtual machines and everything is fine so far, now i wanted to implement 2FA in order to make it a little safer and because i was curious. Unfortunately, i can't activate 2FA / TFA for a pve user, it's available for pam though. I'd appreciate...
  12. S

    2FA wird nicht erkannt

    Ich würde gerne für meinen root user eine 2FA einrichten aber leider wird der qr code nicht erkannt. Jeder andere QR-Code funktioniert nur der nicht. Hat jemand eine Ahnung woran das liegen könnte. Danke im Voraus.
  13. H

    Adding a node to a PVE cluster with TFA on root account

    I tried to add a node to a Proxmox VE cluster using the GUI, but failed as I had two-factor authentication enabled on the root account. I could add the node after disabling TFA, but now I am wondering whether I will brick the cluster if I reenable TFA again. Does a Proxmox cluster require me...
  14. M

    TFA with OATH Hardware Token

    Hello Proxmox Community, I tried using TFA with andOTP and it works just fine. But I want to use a hardware token. So I ordered one with the matching OATH specifications. running oathtool in the shell of my pve-host works just fine: oathtool --totp --digits 6 -s 30 -w 2 -b...
  15. N

    Cannot login to Mobile Web UI when using 2FA (TOTP)

    Hi There, Looks like there is a bug in PVE 5.4-3 when trying to login to the Proxmox WebUI (Mobile Version) when TFA is enabled for the user. The error given is “Login failed. Please enter the correct credentials”. If the full WebUI is forced on a mobile device, the credentials are accepted...
  16. SierraEcho

    [SOLVED] TFA [2FA] Two-Factor Authentication Broken in Proxmox 5.4

    After upgrading to 5.4-3 TFA [2FA] seems to be completely broken ... Both Yubico and OATH methods now spit out an authentication error in GUI Interestingly the log shows that the user has been authenticated correctly ?? It all works fine in 5.3-11 Tested on 4 servers in total - exactly...
  17. C

    AD Smartcard Authentication for web GUI

    This seems more a feature request than anything but I thought this would be a good place to start. My office uses smartcards for authentication of just about everything. Computer logins, web sites, email, etc and all authentication is verified via Active Directory. It has been requested by our...
  18. G

    SSH TFA blockt Console

    Hallo zusammen, ich habe folgendes Problem: Ich nutze eine TFA mit OTPs sowohl in der Webgui als auch für SSH. Mir ist dann aufgefallen, dass der Zugriff auf die VM Console nicht mehr funktioniert, wenn diese auf einem anderen Server liegt. Heißt ich bin auf Server 1 angemeldet und möchte auf...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!