2FA authentication logon server required

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

2FA authentication logon server required

Postby ramizuabhalim » Wed Mar 03, 2021 11:38 am

Hi Support,

In vicidial system, can we have 2FA authentication when we login on server such as every cluster servers?
If yes, may I know what is the method we can achieve that?

Vicibox 9
Version: 2.14b0.5
SVN Version: 3302
DB Schema Version: 1608
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby carpenox » Wed Mar 03, 2021 12:27 pm

This is currently not a built in feature for Vicidial.
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby mflorell » Wed Mar 03, 2021 4:14 pm

I have a plan for a framework for adding 2FA for admin users(email and phone-call-audio), but it is currently sitting in our unfunded development list.

Were you wanting 2FA for only Admin web users, or also for VICIdial Agent Screen web users?
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: 2FA authentication logon server required

Postby carpenox » Wed Mar 17, 2021 4:01 pm

active feature now @ramiz
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby ramizuabhalim » Thu Mar 18, 2021 8:58 pm

Hi Carpenox,

Need to upgrade the SVN is it?

Hi Matt,

Actually my plan just 2fa for login ssh only. I resolved using the google authentication to login on server.
However, for the web agent and admin, is better we got that feature. :)
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby ramizuabhalim » Wed Mar 31, 2021 10:13 pm

Hi Carpenox,

yes I saw it in latest SVN version 3414.

Thank You.
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby ramizuabhalim » Wed Mar 31, 2021 10:13 pm

Hi Carpenox,

yes I saw it in latest SVN version 3414.

Thank You.
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby ramizuabhalim » Thu Apr 08, 2021 2:34 am

Hi Matt,

I have issue to configure the 2FA on the admin level.

I got this error :

Two-Factor-Authentication
Your User account is not configured for Two-Factor-Authentication. Please contact your system administrator.

How can i implement the 2FA on the vicibox?


Version: 2.14b0.5
SVN Version: 3414
DB Schema Version: 1628
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby mflorell » Thu Apr 08, 2021 7:52 am

Did you read this entire document and follow the instructions to set it up and configure it properly?
http://vicidial.org/docs/2FA_TWO_FACTOR ... CATION.txt
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: 2FA authentication logon server required

Postby ramizuabhalim » Thu Apr 08, 2021 9:43 pm

Hi Matt,

Yes, I have read that one. For the the user modify I was change on the database level instead of the change from admin page because I cannot see the enable the 2FA on the admin page at user modify. Now it works!! Thanks a lot.

I have a question, this 2FA we cannot implement on the specific user group right?
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby mflorell » Thu Apr 08, 2021 10:57 pm

2FA is only able to be enabled system-wide, with a User override option at the user level only.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: 2FA authentication logon server required

Postby ramizuabhalim » Fri Apr 09, 2021 1:52 am

Hi Matt,

Noted with that.

Thank you so much :)
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby ramizuabhalim » Sat May 27, 2023 11:00 pm

Hi Matt,

I just notice on modify user for "Two Factor Auth Override" is not working.
Over there just have 2 option "NOT_ACTIVE and DISABLED".

Does i have missed configuration or how ya?

Any Advise..


Thank You.
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby carpenox » Sat May 27, 2023 11:05 pm

I will write up an article explaining step by step how to get this working
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby carpenox » Sun May 28, 2023 10:44 am

Actually Matt he's right, enabled doesn't show as an option and even if you set it manually thru mysql it still says:

Two-Factor-Authentication
Your User account is not configured for Two-Factor-Authentication. Please contact your system administrator.

And locks you out of the system, I'll submit a ticket to mantis
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby ramizuabhalim » Thu Jun 01, 2023 11:32 am

Hi Carpenox,

Thank you for your effort.

Yes, we are looking Matt and team to give some update for this issue.

Hopefully, they will fix and reply it here.
ramizuabhalim
 
Posts: 97
Joined: Sat Dec 07, 2019 11:14 am

Re: 2FA authentication logon server required

Postby mflorell » Thu Jun 01, 2023 7:25 pm

The user setting is only an override, and it is only used to DISABLE the 2FA features. It is NOT meant to enable them on a per-user basis. When you enable 2FA in System Settings, it is enabled for all users on the system.

I just tested two systems that have 2FA active on them and it works just fine for me. We also have several other hosted clients using it without any issues.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: 2FA authentication logon server required

Postby carpenox » Thu Jun 08, 2023 3:23 am

This occurs no matter what:

Two-Factor-Authentication
Your User account is not configured for Two-Factor-Authentication. Please contact your system administrator.

And you get locked out. Settings applied are 1 hour and a stings container with the info below:

auth_code_expire_minutes => 30
auth_code_attempts => 3
auth_code_length => 6
phone_auth => YES
phone_prefix => 91
phone_server_ip => 10.10.10.15
phone_cid_number => 7865551212
phone_message_override => 2FA_say_auth_code

Admin user set to disabled but still I'm locked out with above message.... What am I doing wrong?
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby mflorell » Thu Jun 08, 2023 8:17 am

That message shows up if the user you are logged in as does not have a phone number and email filled in within the User Modify screen.
mflorell
Site Admin
 
Posts: 18335
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida

Re: 2FA authentication logon server required

Postby carpenox » Thu Jun 08, 2023 11:10 am

Ah ok ty, duh
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby dspaan » Wed Sep 06, 2023 10:22 am

ramizuabhalim wrote:
I resolved using the google authentication to login on server.


Can you elaborate what you mean by this? I'm also looking for a method to use 2FA for agents to login.
Regards, Dennis

Vicibox 9.0.1
Version: 2.14b0.5
SVN Version: 3199
DB Schema Version: 1588
Build: 200310-1801
dspaan
 
Posts: 1374
Joined: Fri Aug 21, 2009 1:40 pm
Location: The Netherlands

Re: 2FA authentication logon server required

Postby carpenox » Wed Sep 06, 2023 1:06 pm

Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: 2FA authentication logon server required

Postby kashyapking » Thu Sep 07, 2023 3:04 am

Nice one! Helpful to setup 2FA.
Vicibox10 | Version: 2.14b0.5 | SVN Version: 3743 | DB Schema Version: 1690 | Asterisk Version: 13.38.2-vici
visit us @ https://www.kingasterisk.com | skype: kingasterisk | wa @ +17864142610
kashyapking
 
Posts: 20
Joined: Fri Aug 18, 2023 11:32 am


Return to Support

Who is online

Users browsing this forum: Google [Bot] and 69 guests