I have two nodes, A and B. I decided to try out two-factor authentication. I logged into node A, clicked the top-right menu in the web GUI, clicked "TFA", and set up a TOTP secret in my phone's 2FA app (scanned the QR code, verified it, etc.). I now am required to enter the 2FA code whenever I log into node A's web GUI, as expected.
I have now noticed that I can no longer log into node B's web GUI. When I try, I am prompted for a 2FA code. I have attempted to use the same code I am using for node A's login, but this does not work.
I have verified that the 2FA secret stored in /etc/pve/priv/tfa.cfg is identical on both boxes. I have also verified that both boxes are time-synchronized via NTP to the same NTP servers.
Is there some trick to getting 2FA working across boxes? I don't mind having separate secrets for each (though would prefer one just for convenience).
Let me know if there is any additional info I can post.
Thanks!
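One way to test the two things checked above (identical secret, synchronized clocks) on each node, as an added example that is not part of the original post and is not Proxmox code: it computes the RFC 6238 code from a base32 secret and reports at which clock offset a phone-generated code would be valid. The function names and the sample secret are assumptions, as are HMAC-SHA1, 30-second steps and 6 digits (the common authenticator defaults).

```python
import base64
import hashlib
import hmac
import struct
import time

def totp(secret_b32, unix_time, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) for a base32 secret at a given Unix time."""
    cleaned = secret_b32.upper().replace(" ", "")
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(unix_time) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def matching_offsets(secret_b32, code, node_time, max_steps=20, step=30):
    """Time-step offsets, relative to the node's clock, at which `code` is valid.

    0 in the result: secret and clock agree with the authenticator app.
    Only non-zero offsets: the node's clock differs from the phone's.
    Empty result: the secret or the TOTP parameters differ.
    """
    return [k for k in range(-max_steps, max_steps + 1)
            if hmac.compare_digest(totp(secret_b32, node_time + k * step, step), code)]

# Constructed sample secret: the RFC 6238 SHA-1 test key, not a real credential.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    # Run on each node with that node's stored secret (hypothetical usage):
    # compare the printed code with the one the phone app shows right now.
    now = time.time()
    print("node time:", int(now), "code:", totp(SAMPLE_SECRET, now))
    # Constructed drift case: phone code from 90 seconds before the node's clock.
    phone_code = totp(SAMPLE_SECRET, now - 90)
    print("offsets that match the phone code:",
          matching_offsets(SAMPLE_SECRET, phone_code, now))
```

If both nodes print the same code as the phone for the same secret, the secret and clocks are not the cause and the difference lies elsewhere in how node B handles the login.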