Yubikey + OpenVPN in Debian/Ubuntu

Posted by & filed under AWS/Linux/Unix/Devops stuff.

The instructions provided by Yubico for integrating two-factor auth with OpenVPNĀ lack a PAM configuration for Debian based systems. The following configuration file (/etc/pam.d/openvpn) worked for me: auth required pam_yubico.so authfile=/path/to/yubikeys id=22010 debug auth required pam_unix.so try_first_pass debug shadow nodelay account required pam_unix.so