Proxmox web GUI PAM auth doesn't wait for MFA


Jul 17, 2020
Hi everyone,

I use Jumpcloud's Linux agent to create a local user (admin) account on my Proxmox nodes that will wait for MFA to be completed before letting you login to the account. This works great, if I SSH to the Proxmox node with that account, it says "Waiting for phone authentication" after I put in the password, and I approve the request through Jumpcloud as expectd. However, when i log-in to the Proxmox Web GUI, it just lets me right through without waiting for the MFA to be approved. Once you're in the web GUI and then go to the shell for one of the nodes, logging in with "admin" there also waits for phone authentication.

Is there a difference between how the Proxmox web gui authenticates against PAM vs how SSH does? Jumpcloud doesn't even see the request, so I'm wondering if SSH is authenticating against something else. Both the default "root" and the new "admin" account show up in /etc/passwd.

Appreciate any help.

*edit, the reason I want to use jumpcloud instead of the built-in MFA is because I want the pop-up notification to approve MFA instead of needing to type in a code. And it has to be a PAM realm user otherwise the Shell won't load in the Web GUI. All convenience stuff, lol.

Last edited:


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!