There was a problem loading the comments.

Activate 2FA in TCC

Support Portal  »  Knowledgebase  »  Viewing Article

TCC provides 2FA authentication for users. This can be enabled per 'realm', and each user needs his own key. There are two options in terms of 2FA, 'OATH' and 'Yubico'. We will only cover the OATH method.

Two steps are required to enable 2FA:
  1. Install a TOTP client on your phone or desktop
  2. Adding keys to users
  3. Enable 2FA at the affected realm

Step 1:

  1. Install a TOTP client, for example
  2. Generate a key for the user in question via:

Step 2:
  1. Go to 'Datacenter', 'Permissions' and then to 'Users'
  2. Double-click on the user for which you want to set the key
  3. Copy the 'Secret Key (hex string)' to the 'Key ID' field of the user
  4. Scan the generated QR code with the TOTP client and add the entry to your client

Step 3:
  1. Go to 'Datacenter', 'Permissions', 'Authentication'
  2. Double-click on the realm you want to edit, default 'pve'
  3. Choose 'OATH' at 'TFA'
  4. 2FA is now enabled. Note: Users without a Key can no longer log in!

Share via
Did you find this article useful?  

Related Articles

© Tuxis B.V.