TFA-enabled login currently works only with a TTY - Join Cluster

MysticDev-Josh

MysticDev-Josh

Active Member
Proxmox Subscriber
Jan 31, 2020
8
1
43
36
Texas
mysticdev.io
I have TFA attached to the ROOT account and this is what was popping up when I tried to add another node to the cluster.
I did a search for this but they were using Certs.
Code: 
TASK ERROR: TFA-enabled login currently works only with a TTY. at /usr/share/perl5/PVE/APIClient/LWP.pm line 99
 
Hello,I know that is old topic, but for future users I provide reply :)

Use command line if you are using TFA on main cluster device. Example:

Bash: 
pvecm add <IP of master or Domain Name - if you are using SSL from LE> -link0 <your IPv4> -link1 <Your IPv6>
 
  • Like
Reactions: Jc Miñarro, f1shboll and tomgreaser
I follow your approach and could join the cluster. Now I cannot login to the "joining / slave node" anymore directly. The password is fine but the TOTP code is not accepted as valid. I have access to the root shell of the slave node via the master node, since the slave node is now part of the cluster. Anyone experienced this?
 
j.io said:
I follow your approach and could join the cluster. Now I cannot login to the "joining / slave node" anymore directly. The password is fine but the TOTP code is not accepted as valid. I have access to the root shell of the slave node via the master node, since the slave node is now part of the cluster. Anyone experienced this?
Click to expand...
sorry - just saw it. I guess that is the normal behavior
 
razit said:
Hello,I know that is old topic, but for future users I provide reply :)

Use command line if you are using TFA on main cluster device. Example:

Bash: 
pvecm add <IP of master or Domain Name - if you are using SSL from LE> -link0 <your IPv4> -link1 <Your IPv6>
Click to expand...
This worked great, thank you!
 
  • Like
Reactions: fishburn24
Can anyone explain this for a noob, please? I don't have a cluster, just one PVE and one PBS. The PBS is getting that same error when trying to use as datastore with 2FA enabled.
 
used1d said:
Can anyone explain this for a noob, please? I don't have a cluster, just one PVE and one PBS. The PBS is getting that same error when trying to use as datastore with 2FA enabled.
Click to expand...
This command solved it for me: pvecm add <cluster-ip> -link0 <node-ip> --use_ssh
 
You must log in or register to reply here.
Top Bottom