Hello, I’ve attempted to use the pritunl-client cli as described here Command Line Interface
However, connection attempts are failing. The server logs show ERROR User auth failed "Challenge OTP code"
The client never prompted me for the OTP. How am I supposed to enter it?
With the CLI client you need to either add --password-read to prompt for the password or --password=PASSWORD to set the password in the command.
Yes, I did that. pritunl-client start <profile_id> -r
I entered my pin that works with the MacOS GUI client, the connection failed and I saw that error message in the server logs. Am I supposed to include the OTP code with my pin when prompted with the -r flag?
Or does the pritunl-client cli not support MFA at all?
With a pin the format is PIN (111111) + OTP (222222) these single password formats are documented in the two-step authentication documentation.
I gave that a try with either the -r flag or -p flag and neither worked.
My credentials and MFA work just fine through the GUI.
I entered my password like this. Pin ex: 1111111111, OTP ex: 555555… 1111111111555555
I’m still getting the same error.
I have updated the CLI code to prompt for each component but this will still send the password in the same PIN (111111) + OTP (222222) format as it is done in the GUI pritunl-client-electron/client/app/components/ProfileConnect.tsx. This will be included in the next release.