How to use Google Authenticator with OpenVPN server on Ubuntu 12.04

Solution 1:

Ok, Google is my friend.

I did this:

# apt-get purge libpam-google-authenticator
# download https://code.google.com/p/google-authenticator/downloads/list
# apt-get install libpam-dev

Add this to Makefile, right after the license:

LDFLAGS="-lpam"

Then

# make
# make install
# service openvpn restart

Also, make sure /home/username/.google_authenticator has no rights at all except read rights for the user that's going to use it.

Now I need to enter my username that's my local username on the server (my shell account) as my OpenVPN username and the Google Authenticator 6-digit code as the password.

Now it works.

Thank you all for your time :)

(How can I mark this post as solved? Do I just edit the topic title?)

Solution 2:

If you just want OTP auth for OpenVPN, there is a native OTP OpenVPN plugin available. It is compatible with Google Authenticator secret keys. All secrets are stored in a single text file and there is no need to configure PAM or create user directories.

Check it out: https://github.com/evgeny-gridasov/openvpn-otp