diff options
author | Kim <kim.sidney@gmail.com> | 2021-10-31 14:05:28 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-31 14:05:28 +0100 |
commit | 629c169a43ffcff4a820cdafaeca430141815829 (patch) | |
tree | 3fb7e28ad4da617c29977d95dac6c41690b291c8 /interface-definitions/interfaces-openvpn.xml.in | |
parent | 062422db04f5ec6fd0a769f0d71faf4efa2d377f (diff) | |
parent | 28db7b15426fffc0f656e8d26db397d7bfb72aee (diff) | |
download | vyos-1x-629c169a43ffcff4a820cdafaeca430141815829.tar.gz vyos-1x-629c169a43ffcff4a820cdafaeca430141815829.zip |
openvpn: T3834: Support for Two Factor Authentication totp
Diffstat (limited to 'interface-definitions/interfaces-openvpn.xml.in')
-rw-r--r-- | interface-definitions/interfaces-openvpn.xml.in | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in index d67549d87..6b4440688 100644 --- a/interface-definitions/interfaces-openvpn.xml.in +++ b/interface-definitions/interfaces-openvpn.xml.in @@ -633,6 +633,92 @@ </properties> <defaultValue>net30</defaultValue> </leafNode> + <node name="mfa"> + <properties> + <help>multi-factor authentication</help> + </properties> + <children> + <node name="totp"> + <properties> + <help>Time-based one-time passwords</help> + </properties> + <children> + <leafNode name="slop"> + <properties> + <help>Maximum allowed clock slop in seconds (default: 180)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>180</defaultValue> + </leafNode> + <leafNode name="drift"> + <properties> + <help>Time drift in seconds (default: 0)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>0</defaultValue> + </leafNode> + <leafNode name="step"> + <properties> + <help>Step value for totp in seconds (default: 30)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>30</defaultValue> + </leafNode> + <leafNode name="digits"> + <properties> + <help>Number of digits to use for totp hash (default: 6)</help> + <valueHelp> + <format>1-65535</format> + <description>Seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + <defaultValue>6</defaultValue> + </leafNode> + <leafNode name="challenge"> + <properties> + <help>Expect password as result of a challenge response protocol (default: enabled)</help> + <completionHelp> + <list>disable enable</list> + </completionHelp> + <valueHelp> + <format>disable</format> + <description>Disable challenge-response</description> + </valueHelp> + <valueHelp> + <format>enable</format> + <description>Enable chalenge-response (default)</description> + </valueHelp> + <constraint> + <regex>^(disable|enable)$</regex> + </constraint> + </properties> + <defaultValue>enable</defaultValue> + </leafNode> + </children> + </node> + </children> + </node> </children> </node> <leafNode name="shared-secret-key"> |