totp

2026-04-21 21:48:31 +01:00
parent 97c8b30452
commit f8b9d52a96
15 changed files with 59 additions and 70 deletions
--- a/conf/client.conf
+++ b/conf/client.conf
@@ -0,0 +1,18 @@
+client
+dev tun
+proto udp
+remote 10.60.0.3 1194   # ip da vpn gateway
+persist-tun
+persist-key
+
+# certificados
+ca /etc/openvpn/client/ca.crt
+cert /etc/openvpn/client/user.crt
+key /etc/openvpn/client/user.key
+
+# auth
+cipher AES-256-GCM
+auth SHA256
+
+auth-user-pass
+tls-auth /etc/openvpn/client/ta.key 1
--- a/conf/httpd.conf
+++ b/conf/httpd.conf
--- a/conf/openssl.cnf
+++ b/conf/openssl.cnf
--- a/conf/ssl.conf
+++ b/conf/ssl.conf
--- a/conf/totp
+++ b/conf/totp
@@ -0,0 +1,3 @@
+auth    required    pam_unix.so    workaround_procrastination
+auth    required    pam_google_authenticator.so
+account required    pam_unix.so
--- a/conf/vpn.conf
+++ b/conf/vpn.conf
@@ -0,0 +1,23 @@
+local 10.60.0.3
+port 1194
+proto udp
+dev tun
+
+# Bro is too honorable
+ca /etc/openvpn/server/ca.crt
+cert /etc/openvpn/server/vpn.crt
+key /etc/openvpn/server/vpn.key
+dh /etc/openvpn/server/dh2048.pem
+
+server 10.8.0.0 255.255.255.0
+verb 4
+
+topology subnet
+
+# auth
+cipher AES-256-GCM
+auth SHA256
+
+# plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so login
+plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so totp
+tls-auth /etc/openvpn/server/ta.key 0