PBS - VE can't start backups with TOTP/Two Step Auth

V

voarsh

Active Member
Nov 20, 2020
218
20
38
29
I've added two step auth and PVE can't start backups with error error fetching datastores - 401 Unauthorized.
I don't really want to add a new user just for backups... I'd need to change owner for all backups, etc.

Am I missing anything to make it painless to have TOTP and have VE just use password just for creating/reading/restoring backups from PBS?
Or must I do as above and transfer to a "jailed" account just for backup/restore, etc....
 
no there is currently no way for users with tfa to make backups from pve
you have 2 possibilities:
* create a new user
* create a token for the user

but with both, you'd need to change the owner of the backup groups
 
Using API tokens for any client is recommended in general, they can be restricted in privileges independent of the ones from the user, restricted in their validity time and revoked any time without impacting the actual user, and tokens are made for automated headless access (where no second factor or the like can be queried).

https://pbs.proxmox.com/docs/user-management.html#api-tokens
 
You must log in or register to reply here.
Top Bottom