totp

Previously (in 7.x at least), you were able to include otp in a single request to /api2/json/access/ticket which would verify both the username/password and TOTP token and immediately provide a ticket and CSRF token. However, this appears to no longer work and requires the two-request flow the...

Hello! I've been trying to figure out how to add a hardware totp token that has a 60 sec timer. Simple solution would be to buy the correct periodicity, but I was hoping someone may have already done this. Things I've tried: -Add the token via the TFA gui -> doesn't work since that only...

Hi i am a little bit confused about the TFA config. I have a 3 nodes PVE cluster where on every node the root user has a different password. When I try to enable TOTP, even via user config I always landing on the Datacenter / Permissions / Two Factor config page. If I then create a TOTP for...

Hi all! I have a domain pointing to my server, with nginx reverse proxy, cloudfare and SSL. All is working well, what I want is to use 2FA only outside my home and not on lan. Is there a way to do this? I´m not able to install a VPN on my job computer, so I need to expose the server to the web...

Hello Everyone, I was trying to disable my 2FA and there was a check box to enable and I checked it off. when I tried to log in again it still asks me for the TOTP code But I am unable to write anything. So I am locked out of the Web UI but I still have my SSH connection working. I found a...

Hi everyone, It's my first post, so I'm not sure I was supposed to post it here, but anyways, it could help So I tried to add new features to my proxmox recently, especially 2FA It works like a charm, I could use my Google authenticator for login, very cool ! But finally i decided to remove...

Hi, Seems that latest pve7.1 changes the way we record totp on /etc/pve/priv/tfa.cfg. I have a problem with that because the 'Secret' is now showed V2 : V1: V2 method allows root to know all secrets keys for all users. Some of them use the same TOTP secret for several services...

Hi, I enabled 2FA in web admin panel for root user and worked as expected. But now I've disabled 2FA (unchecked TOTP Enable option in user options) and cannot access the web admin, the endpoint API call returns a 401 error. I can still access through SSH. I've restarted the server, and also...