promox web ui safe question

[haiwan]

Hi
we want know.
how to limit login promox web ui ip?
have demo show me?
and new U2F qcode don't know how to use .
we see one bye one video , just know work enter 6 number.
how to get this 6 number?
and we use pve shutdown windows2016 notice
VM quit/powerdown failed - got timeout

 

[sb-jw]

how to limit login promox web ui ip?

Use the Firewall: https://pve.proxmox.com/wiki/Firewall

have demo show me?

Show what?

and new U2F qcode don't know how to use .
we see one bye one video , just know work enter 6 number.
how to get this 6 number?

See: https://pve.proxmox.com/wiki/Two-Factor_Authentication

and we use pve shutdown windows2016 notice
VM quit/powerdown failed - got timeout

Already checked this?
https://pve.proxmox.com/wiki/Qemu-guest-agent

 

[haiwan]

Use the Firewall: https://pve.proxmox.com/wiki/Firewall


Show what?


See: https://pve.proxmox.com/wiki/Two-Factor_Authentication


Already checked this?
https://pve.proxmox.com/wiki/Qemu-guest-agent

tks, let me check
now have open guest

 

[haiwan]

hi
i want get a demo
forexample
we just let limit 192.168.1.100 visit promox web ui https://ip:8006
how to set.?
i think we have resolved.

 

[Vladimir Bulgaru]

Here's a small cheatsheet how to enable TFA:

1. install the utils to generate the QR code

   apt install qrencode

2. generate the code itself. I suggest you scan it via Authenticator app or something similar right away in order not to lose it

   clear && OATHKEYID=$(oathkeygen) && echo -e OATH key ID for $USER: $OATHKEYID && qrencode -t ANSIUTF8 -o - $(echo "otpauth://totp/PVE:$USER@"$(hostname --fqdn)"?secret=$OATHKEYID")

3. copy the string - you will need it to include within the user profile (root is the default user)
4. go to the Datacenter -> Permissions -> Authentication and edit PAM. Set TFA to OAUTH
5. go to the Datacenter -> Permissions -> Users and edit Root. Set Key IDs the string you've copied in 3)

 

[haiwan]

Here's a small cheatsheet how to enable TFA:

1. install the utils to generate the QR code

   apt install qrencode

2. generate the code itself. I suggest you scan it via Authenticator app or something similar right away in order not to lose it

   clear && OATHKEYID=$(oathkeygen) && echo -e OATH key ID for $USER: $OATHKEYID && qrencode -t ANSIUTF8 -o - $(echo "otpauth://totp/PVE:$USER@"$(hostname --fqdn)"?secret=$OATHKEYID")

3. copy the string - you will need it to include within the user profile (root is the default user)
4. go to the Datacenter -> Permissions -> Authentication and edit PAM. Set TFA to OAUTH
5. go to the Datacenter -> Permissions -> Users and edit Root. Set Key IDs the string you've copied in 3)

we have use wechat scan?

 

[Vladimir Bulgaru]

we have use wechat scan?

Didn't get your question.

 

[haiwan]

Didn't get your question.

because we use wechat this app scan. notice error