4 lines
430 B
Plaintext
4 lines
430 B
Plaintext
# Uses google authenticator library as PAM module using a single folder for all users tokens
|
|
# User root is required to stick with an hardcoded user when trying to determine user id and allow unexisting system users
|
|
# See https://github.com/google/google-authenticator/tree/master/libpam#secretpathtosecretfile--usersome-user
|
|
auth required pam_google_authenticator.so secret=/etc/openvpn/otp/${USER}.google_authenticator user=root |