allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

Allow interactive usage

Browse Source
This commit is contained in:
Fabio Napoleoni 2016-02-06 21:38:26 +01:00
parent 6084261943
commit c24a22deea
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bin/ovpn_otp_user
View File

@ -22,6 +22,12 @@ fi
# Ensure the otp folder is present # Ensure the otp folder is present
[ -d /etc/openvpn/otp ] || mkdir -p /etc/openvpn/otp [ -d /etc/openvpn/otp ] || mkdir -p /etc/openvpn/otp
# Bin is present in image, save an $user.google_authenticator file in /etc/openvpn/otp # Binary is present in image, save an $user.google_authenticator file in /etc/openvpn/otp
/usr/bin/google-authenticator --time-based --disallow-reuse --force --rate-limit=3 --rate-time=30 --window-size=3 \ if [ "$2" == "interactive" ]; then
"${1}@OpenVPN" -s /etc/openvpn/otp/${1}.google_authenticator # Authenticator will ask for other parameters. User can choose rate limit, token reuse policy and time window policy
# Always use time base OTP otherwise storage for counters must be configured somewhere in volume
google-authenticator --time-based --force -l "${1}@OpenVPN" -s /etc/openvpn/otp/${1}.google_authenticator
else
google-authenticator --time-based --disallow-reuse --force --rate-limit=3 --rate-time=30 --window-size=3 \
-l "${1}@OpenVPN" -s /etc/openvpn/otp/${1}.google_authenticator
fi