Wireguard and 2FA/MFA

I'm currently trying to get Wireguard to work with 2FA. Wireguard itself does not support it, but there are some third party patches that claim to make it work. Have not been able to try any of them though.
I have fiddled a bit with a solution where I do the 2FA part with iptables after the tunnel is established, but it doesn't really feel like a production ready solution. I've played around with the idea of some kind of lock on the config file for the client that would require a 2FA to unlock, but it also feels a bit too "hacky".

Has anyone found a nice solution for this?

And yes, I know openvpn and a bunch of others already support 2FA. That is not an answer to the question.

Comments

  • PureVoltagePureVoltage Hosting ProviderOG

    Haven't seen it in a solid protection ready look. Would be interested in seeing this being an option or if someone has a good tweak for it.

    PureVoltage - Custom Dedicated Servers Dual E5-2680v3 64gb ram 1TB nvme 100TB/10g $145
    New York Colocation - Amazing pricing 1U-48U+

  • TunSafe claims to have a working implementation and are willing to contribute patches, but they seem to get very little response from the Wireguard developers.

  • @rcy026 said:
    TunSafe claims to have a working implementation and are willing to contribute patches, but they seem to get very little response from the Wireguard developers.

    Sadly development of TunSafe seems to have halted for over 2 years now. Developer seems to have vanished for over 2 years now.

Sign In or Register to comment.