Security/Mentorships/MWoS/2014/OpenVPN MFA

From MozillaWiki
< Security‎ | Mentorships‎ | MWoS‎ | 2014
Revision as of 16:43, 30 July 2014 by Gdestuynder (talk | contribs)
Jump to navigation Jump to search

Team

Introduction

Members

Project

Mozilla uses OpenVPN with MFA via deferred C plugins and pythons scripts. However, there are several caveats that require non-plugin based modifications, such as One Time Passwords (OTP) client input and session tracking. The goal of this project is to research and provide a first class user experience when using MFA with OpenVPN, and contribute it to the Open Source OpenVPN project.

Description

This project aims to add support for:

  • User session id and tracking
  • True multi-factor authentication support


Scope

This project only include the official OpenVPN command line server and client. Support for 3rd party clients is out of the scope.

Success Criteria

  • Ability to log in with a 2nd factor to OpenVPN, lose the connection, reconnect with the session id and without getting a 2nd factor authentication prompt for a determined period of time. In a nutshell, have a similar experience to web-based MFA solutions.

Updates

2014-07-30

Kick off meeting.

<date>

  • current work
  • blocking points
  • discussion points
  • upcoming work
Retrieved from "https://wiki.allizom.org/index.php?title=Security/Mentorships/MWoS/2014/OpenVPN_MFA&oldid=1001349"