I would like to add two factor authentification (> TOTP; via Google Authenticator) to my VPN (using openconnect) but I could not find any information online how to do that.
The only thing I found was here:
What I understand so far is that this should be somehow included in
/etc/config/ocserv. Please correct me if I am wrong.
Although this question is a year old, I think it is a great question. I would also like to install this on my OpenVPN, luci, and ssh sessions. I am trying to research this as well and found these articles (The article is old and may be deprecated):
* Old OpenWrt Forum Archive
I will continue to do more research and see what I can find.
I am glad you posted. Meanwhile I thought I am the only one having this issue or cares about security.
What your link proposed (cross-compiling ocserv with pam) looks promising. That was actually the only option which I could have thought of might work. I tried it once using the SDK however I stopped since it was too time consuming at that moment.
I am looking forward to hear from you if this worked.
If so I would be delighted if you could share what exactly you did to accomplish this.
Of course, that is my motto! share knowledge that was bestowed upon me to make other peoples' lives easier!
I just completed a number of projects and I will not lie when I say this may take some time.
I'll keep you posted with any updates as I am sure you and this bright community would do the same.
@unitelife did you come any further with this topic?