[Swan] MFA
Paul Wouters
paul at nohats.ca
Sun Nov 24 11:41:02 UTC 2019
On Wed, 13 Nov 2019, Frank Uccello wrote:
> I installed libreswan on CENTOS 7.7 and now like to add MFA function to it.
>
> I could not find any clear URL on how to configure or install this
>
> The one url I found does not show any steps or least it is not clear on how to do this
If you mean Multi Factor Authentication, currently the only way is to
use IKEv1 with XAUTH where the user/passwd authentication includes an
OTP token, which is authenticated using pam.
https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv1_XAUTH_with_PSK
We are working on EAP support that should allow MFA with IKEv2 in the
future.
Paul
More information about the Swan
mailing list