OpenVPN - Suport for OTP from saved OTP Credential Entry

Hello,

We'll open a ticket for this request, thanks for the idea!

Regards,

Hi all
I think this request is quite similar to a (multiple) request we already have open for RSA OTP credential entry types.
Would it be possible to combine these ?
https://forum.devolutions.net/topics/31306/create-a-new-credential-type-of-rsa-secureid#139327
https://forum.devolutions.net/topics/32803/enhance-cyberark-credential-entry-to-work-with-rsa-token-id#134522

The RSA key fob will also show a continuously changing OTP that we HAVE to enter in manually, in combination with an always static username. (and in some rare cases: UserName + password + OTP)
I'm happy to add more details if needed.
Regards, Ben van Zanten

Hello Ben,

We will have to see if the RSA type is appropriate in this case, but I was thinking of being able to reuse the 'OTP' entry that RDM already possesses.

Regards,

I've been testing with 'OTP' entry types myself but that needs to be configured with a Key.. I have no idea what key to configure here,
therefore I have the impression that the current OTP entry is more of an 'OTP' generator - that creates one -time keys, than it is a 'consumer' type of credential entry - meaning: it should ask for: what is the current response ?
Note the RSA as we use it is kind of MFA authentication so providing the code on the display kind of proves we have possession of the keyfob.

oh yes and as I also mentioned in other threads

• https://forum.devolutions.net/topics/31306/create-a-new-credential-type-of-rsa-secureid
• https://forum.devolutions.net/topics/1955/passwords-and-rsatokens
• https://forum.devolutions.net/topics/32803/enhance-cyberark-credential-entry-to-work-with-rsa-token-id

this kind of Credential entry can then not only be used for RSA token code, but for Google authenticator, Microsoft Authenticator and others as well.... all consisting of a static username and a requested current code from your device.
And not only be used for CyberArk credentials, RDP and website connections, but VPN connections (F5 Big IP) OpenVPN as in this thread, Datasource multifactor etc

PS the initial GUI designed by Pawel is a good enough start for us as well!

Regards, Ben

The OTP entry in RDM is a 'generator' just like Google Authenticator is (entering the same information as you would in your Google Authenticator app will generate the same codes but within RDM). The use case for this entry is to copy the OTP at any given time to enter in websites or application, like you would in Google Authenticator for example. We have a built-in integration with the web browser entry that autofills based on an OTP entry saved in RDM.

I assumed that this would be what the feature request was for, but for OpenVPN instead. Linking to an OTP entry won't be required, you could also just type in the value you desire when the OpenVPN is opened.

Feel free to correct me if I'm wrong, I might not fully understand the request. I think the RSA credential feature is an entirely different beast from what is asked here, despite the end goal being able to achieve a similar workflow.

Regards,

Hello,

Support for existing OTP entries in OpenVPN will be included in the 2020.2.6.0 update.

Regards

Hi Jonathan,

Will the update to be able to use existing OTP credential be for OpenVPN entry type only? Can the same be done for "Website" entry. "Web Browser" entry already have this ability. Thanks.

Regards,

Wimar

Hello Wimar,

We will open a separate ticket for the website entry. We'll let you know once it's done.

Regards,

Thanks Hubert. I will open a new thread as I have a query related to the request.

Wimar

Amazing, works perfect!
Great job, it saves me a lot of time now.
Thank you very very much!