I tried to add a node to a Proxmox VE cluster using the GUI, but failed as I had two-factor authentication enabled on the root account. I could add the node after disabling TFA, but now I am wondering whether I will brick the cluster if I reenable TFA again.
Does a Proxmox cluster require me to keep no TFA on the root account of a Proxmox VE cluster? Not having TFA enabled on something as important as the root account of a virtualisation cluster seems like a weak point in any overall security concept. Disabling public access to the Proxmox management port is sadly not an option (as I need to share the access to the REST API with other) for me, so at least having access to TFA seems like the best trade off.
Does a Proxmox cluster require me to keep no TFA on the root account of a Proxmox VE cluster? Not having TFA enabled on something as important as the root account of a virtualisation cluster seems like a weak point in any overall security concept. Disabling public access to the Proxmox management port is sadly not an option (as I need to share the access to the REST API with other) for me, so at least having access to TFA seems like the best trade off.
