Proxmox Two Factor Not Supported

[djohnsonbb]

Hi all, I have been testing out various PVE / Veeam configurations and I discovered that accounts on PVE protected by Two Factor Auth do not communicate with VBR. The VBR console throws a vague error: "An unknown Proxmox VE error has occurred."

I confirmed this finding on a few different test environments. Upon disabling Two Factor, Veeam communicated without errors.

I don't see any mention of Two Factor support on the Help Center.

Will Two Factor PVE accounts be supported in future releases?

[Gostev]

Pardon my ignorance but is this possible even in theory? Normally 2FA is designed for interactive logons by humans, while Veeam is a service. So who will be supplying the second factor each and every time Veeam needs to connect to Proxmox to perform a scheduled backup for example?

[djohnsonbb]

You are correct, that is not a feasible solution. Sorry for the confusion of my previous question.

I use 2FA on the root account. The Help Center documentation states to use root.

Does Veeam need full root access to PVE? I don't see any documentation on what permissions are specifically needed for PVE backup. What permissions are needed for Veeam jobs to back up PVE?

I'd prefer to not use root if possible in favor of a least privileged user (without 2FA). This could be a PVE limitation rather than Veeam.

[Gostev]

Right and here's the existing topic about the root account requirement.