[eduVPN-deploy] [2018-11-28] VPN server update
François Kooman
fkooman at tuxed.net
Wed Nov 28 15:11:52 CET 2018
Hi all,
The following components had a new release:
* vpn-user-portal: 1.8.5 [1]
* vpn-admin-portal: 1.7.3 [2]
Major changes:
- User will now be unable to retrieve a new access_token with a
refresh_token when the user's account is disabled (relevant for
"federated eduVPN");
- SAML logout is now implemented in the portal(s)
- Ability to configure which 2FA methods are enabled
- YubiKey is deprecated and disabled for new installations
In order to disable 2FA, or enable only TOTP, modify
/etc/vpn-user-portal/default/config.php:
'twoFactorMethods' => ['totp'],
to only enable TOTP, or to disable 2FA support completely:
'twoFactorMethods' => [],
It is recommended to remove YubiKey support from your deployment if no
users are currently using YubiKey OTP as to avoid them registering with
a YubiKey.
Let me know if you have any questions or remarks!
Regards,
François
[1] https://github.com/eduvpn/vpn-user-portal/blob/master/CHANGES.md
[2] https://github.com/eduvpn/vpn-admin-portal/blob/master/CHANGES.md
More information about the eduVPN-deploy
mailing list