I have successfully installed the official Authy 2FA plugin for OpenVPN (community edition) and the plugin is working. However, I need to bypass/whitelist certain users and devices.
The office Authy FAQ (found here: https://www.authy.com/integrations/openvpn/ ) states:
I haven't added users with the script authy-vpn-add-users or manually, and my vpn users can't login, what happened?
Authy plugin whitelist users, so it will only authorize users that are in the authy-vpn.conf
I have no clue what they mean by: "Authy plugin whitelist users" and how to do this. Any details would be greatly appreciated.
Thank you - Lars Larsen
Twilio developer evangelist here.
When you haven't already added any users, either with the script or manually, then they won't be able to log in because they are not present in the plugin config.
It might be worded badly, but I think the line means that you should add the users to your config by using the script
authy-vpn-add
or editingauthy-vpn.conf
directly, adding their email and Authy ID. There's more on how to do this in the instructions in the project on GitHub.(Disclaimer: I haven't setup OpenVPN or used this plugin myself, this is hopefully an informed guess though. Hope it helps!)