[SOLVED] Adding 2FA WebAuthn fails

L

LooneyTunes

Active Member
Jun 1, 2019
203
22
38
Hi,

I want to enable WebAuthn for Proxmox VE but recieves an error when doing so "no webauthn configuration available". If I go to the Realms menu I find Yubico as an alternative, but selecting that shows new fields asking for API id and API key. No idea what that should be, or even if that is neccessary to fill in?
Thanks
 
LooneyTunes said:
Oh, I missed that part, sorry. Thanks for pointing that out, will try immediately.
Click to expand...
I configured the file and tried again, same issue. I am now rebooting Proxmox to see if that helps

Edit: Restart did not help, still same error when trying to add it...

In the log I found this now, so something is happening... :)
Code: 
origin=https': property is not defined in schema and the schema does not allow additional properties

I did use the exact syntax from your example (modified to my domain of course);
Code: 
webauthn:
rp=mypve.example.com,origin=https://mypve.example.com:8006,id=mypve.example.com
 
Last edited:
LooneyTunes said:
Code:
I did use the exact syntax from your example (modified to my domain of course);
Click to expand...
can you try putting them in a single line? e.g. webauthn: id=localhost,origin=https://localhost:8006,rp=localhost

you can also do it on the GUI in case you don't want to manually edit the file; just go to Datacenter -> Options -> WebAuthn settings

edit: will send a fix for the syntax in the docs, thanks for the heads up!
 
oguz said:
can you try putting them in a single line? e.g. webauthn: id=localhost,origin=https://localhost:8006,rp=localhost

you can also do it on the GUI in case you don't want to manually edit the file; just go to Datacenter -> Options -> WebAuthn settings

edit: will send a fix for the syntax in the docs, thanks for the heads up!
Click to expand...
Worked like a charm on one line!

Thank you!
 
  • Like
Reactions: oguz
CRCinAU said:
How do you do this if you have two nodes in a cluster?
Click to expand...
afaik - you need a name like: cluster.example.com and A and AAAA records with multiple IPs

e.g. for IPv4
cluster.example.com A 192.168.0.20
cluster.example.com A 192.168.0.30

same for IPv6
cluster.example.com AAAA fd20::20
cluster.example.com AAAA fd20::30

similiar with public IPv4/v6 addresses
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back