Two factor authentification using openconnect VPN

Hi all,

I would like to add two factor authentification (> TOTP; via Google Authenticator) to my VPN (using openconnect) but I could not find any information online how to do that.
The only thing I found was here:

and here:

What I understand so far is that this should be somehow included in /etc/config/ocserv. Please correct me if I am wrong.



1 Like

Hello @holzkohlengrill,

Although this question is a year old, I think it is a great question. I would also like to install this on my OpenVPN, luci, and ssh sessions. I am trying to research this as well and found these articles (The article is old and may be deprecated):

* Old OpenWrt Forum Archive

I will continue to do more research and see what I can find.

Hi @unitelife,

I am glad you posted. Meanwhile I thought I am the only one having this issue or cares about security.

What your link proposed (cross-compiling ocserv with pam) looks promising. That was actually the only option which I could have thought of might work. I tried it once using the SDK however I stopped since it was too time consuming at that moment.

I am looking forward to hear from you if this worked.
If so I would be delighted if you could share what exactly you did to accomplish this.

1 Like

Of course, that is my motto! share knowledge that was bestowed upon me to make other peoples' lives easier!

I just completed a number of projects and I will not lie when I say this may take some time.

I'll keep you posted with any updates as I am sure you and this bright community would do the same.

1 Like

@unitelife did you come any further with this topic?