Use $USER@$OVPN_CN for OTP label.

This commit is contained in:
Fabio Napoleoni 2016-02-07 13:22:20 +01:00
parent 10dd404159
commit e8d93ea4fa

View File

@ -26,8 +26,8 @@ fi
if [ "$2" == "interactive" ]; then
# Authenticator will ask for other parameters. User can choose rate limit, token reuse policy and time window policy
# Always use time base OTP otherwise storage for counters must be configured somewhere in volume
google-authenticator --time-based --force -l "${1}@OpenVPN" -s /etc/openvpn/otp/${1}.google_authenticator
google-authenticator --time-based --force -l "${1}@${OVPN_CN}" -s /etc/openvpn/otp/${1}.google_authenticator
else
google-authenticator --time-based --disallow-reuse --force --rate-limit=3 --rate-time=30 --window-size=3 \
-l "${1}@OpenVPN" -s /etc/openvpn/otp/${1}.google_authenticator
-l "${1}@${OVPN_CN}" -s /etc/openvpn/otp/${1}.google_authenticator
fi