Background
In this post we will see how to setup open vpn on ubuntu and then configure it to use Duo Two factor Authentication.
Installing openvpn
Installing openvpn is fairly simple. Just execute following command in command line
- sudo apt-get install openvpn
This should install openvpn client in you Linux machine. You can verify the installation by checking the version.
- openvpn --version
Connecting to VPN
You can then connect to your vpn by executing command -
- sudo openvpn --config /path/to/config.ovpn
This is the file you would typically get from your vpn service provider. You can simply log on to your vpn with browser and download it from there. Note this file contains inline private keys and must be kept confidential.It will also have your vpn configuration like vpn address, ports , protocols etc.
Connecting to VPN with two factor Authentication like Duo
If two factor authentication is enabled on your server then your authentication will fail.
You need to do some extra setup before you can start handling two factor authentications.
- If you are using Duo as two factor auth download and install Duo OpenVPN package.
Configuring open VPN client
- Make sure you have following like in your OpenVPN client configuration file
- auth-user-pass
- Next you should append you openvpn connect command with following -
- --auth-retry interact
- sudo openvpn --config /path/to/config.ovpn --auth-retry interact
Simply enter your dual auth password and you should be good.
Related Links
- How to setup OpenVPN Client
- Two factor Authentication for OpenVpn
- OpenVPN wiki
- How can I add a new user as sudoer using the command line?