Skip to content

ichha/netbox-otp-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
assets
assets
 
 
netbox_otp_plugin
netbox_otp_plugin
 
 
LICENSE.txt
LICENSE.txt
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

Netbox OTP Plugin

Two-factor authentication for NetBox. The plugin provides user OTP token verification and OTP device management is provided and bases on django-otp with Time-based One-time Password algorithm.

alt text

Compatibility

NetBox Version Plugin Version
4.4 >= 1.3.4
4.3 >= 1.3.3
4.2 >= 1.3.2
4.1 >= 1.3.0
4.0 >= 1.1.0
3.X 1.0.7

Installation

The plugin is available as a Python package in pypi and can be installed with pip

source /opt/netbox/venv/bin/activate
python -m pip install netbox-otp-plugin
# or
# python -m pip install netbox-otp-plugin==<version>

Enable the plugin in /opt/netbox/netbox/netbox/configuration.py:

PLUGINS = ['netbox_otp_plugin']

Run migration:

./manage.py migrate netbox_otp_plugin

To ensure the plugin is automatically re-installed during future upgrades, create a file named local_requirements.txt (if not already existing) in the NetBox root directory (alongside requirements.txt) and append the netbox-otp-plugin package:

echo netbox-otp-plugin >> local_requirements.txt

Configuration

An OTP device can be attached to a user on your NetBox site or using the command:

./manage.py addtotp <username>

Then you will see a QR code that you can add to an TOTP authenticator.

To reset user OTP device use the site or the command:

./manage.py resettotp <username>

The plugin has additional options:

  • otp_required - if set to True then two-factor authentication will be always required even if a user doesn't have an OTP device yet. False value required to authenticate users only with an OTP device attached only. Default: True.
  • issuer - the issuer parameter for the otpauth URL (see more https://github.com/google/google-authenticator/wiki/Key-Uri-Format). Default: 'Netbox'.

Example

PLUGINS_CONFIG = {
    'netbox_otp_plugin': {
        'otp_required': False,
        'issuer': 'MyOrgNetbox'
    }
}

OTP Self-registration

To allow users to register their devices themselves, you need to grant them the following permissions:

Objects Actions Constraints
Otp_Totp > TOTP Device view, add {"user": "$user"}
Users > User view {"pk": "$user"}

Note: otp_required the plugin options should be set to False.

Screenshots

alt text

alt text

alt text

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages