I am trying to find out if it is possible to configure proxmox to only require two-factor login when accessed from a remote IP address. Further, I'd like to find out if I can completely disable the PAM authentication realm or at least the root user for remote access. Is this possible? My searching revealed nothing fruitful.
Changing Two-factor requirements and disabling root or PAM login from remote IPs
- Thread starter polarox
- Start date
Hi,
you can enforce TFA for an auth realm, but not for remote IPs.
There is no need for disabling the PAM realm because you have to allow a user explicit to access the Proxmox VE API/GUI.
SSH access must be handled by sshd_config. What I mean is you have to restrict the pam user in ssh config.
you can enforce TFA for an auth realm, but not for remote IPs.
There is no need for disabling the PAM realm because you have to allow a user explicit to access the Proxmox VE API/GUI.
SSH access must be handled by sshd_config. What I mean is you have to restrict the pam user in ssh config.