- Not tested in production environments!
Use it on your own risk =)
A simple tool to use with openvpn when you need to use –auth-user-pass-verify
or wherever you want
make sure openvpn-user
binary available through PATH
variable and you have auth.sh or auth_totp.sh script with +x
rights available to openvpn server
i.e. put binary to /usr/local/sbin/
and auth script to /etc/openvpn/scripts/
dir
part of openvpn server config
script-security 2
auth-user-pass-verify /etc/openvpn/scripts/auth.sh via-file
usage: openvpn-user [<flags>] <command> [<args> ...]
Flags:
--help Show context-sensitive help (also try --help-long and --help-man).
--db.path="./openvpn-user.db" path do openvpn-user db
Commands:
help [<command>...]
Show help.
db-init
Init db.
db-migrate
STUB: Migrate db.
create --user=USER --password=PASSWORD
Create user.
--user=USER Username.
--password=PASSWORD Password.
delete --user=USER [<flags>]
Delete user.
-f, --force delete from db.
-u, --user=USER Username.
revoke --user=USER
Revoke user.
-u, --user=USER Username.
restore --user=USER
Restore user.
-u, --user=USER Username.
list [<flags>]
List active users.
-a, --all Show all users include revoked and deleted.
check --user=USER
check user existent.
-u, --user=USER Username.
auth --user=USER [<flags>]
Auth user.
-u, --user=USER Username.
-p, --password=PASSWORD Password.
-t, --totp=TOTP TOTP code.
change-password --user=USER --password=PASSWORD
Change password
-u, --user=USER Username.
-p, --password=PASSWORD Password.
update-secret --user=USER [<flags>]
update OTP secret
-u, --user=USER Username.
-s, --secret="generate" Secret.
register-app --user=USER --totp=TOTP
register 2FA application
-u, --user=USER Username.
-t, --totp=TOTP TOTP.
check-app --user=USER
check 2FA application
-u, --user=USER Username.
get-secret --user=USER
get OTP secret
-u, --user=USER Username.