Setup Freeradius for Challenge response authentication
Yizhi Lao
laoyizhi at yahoo.com
Mon Apr 3 04:20:20 CEST 2006
Hi Alan,
thank you for the response.
What I am worried about is not the second authentication method, but to chain two authentication together. is there any convenient way to do it?
Say:
First access request, authenticated against LDAP,
Radisu server reply with an Access challenge,
NAS answers chanllenge,
the answer is authenticated against LDAP again.
Is it possible?
Thanks and best regards
Kaden
Alan DeKok <aland at ox.org> wrote: Yizhi Lao wrote:
> I am a new user of freeradius, currently using freeradius 1.1.0 on Redhat Linux. I wish to setup freeradius for a 2 factor authentication, such that:
>
> NAS issue an Access-Request to Radius server
> Radius server authenticate against LDAP
> once successful --
> Radius server then issue an Access-Chanllenge to NAS (second factor, asking for an additional password/token)
> NAS reply with an Acces-Request
> Radius server then authenticate the second Access-request and reply to NAS.
This is a very unusual request, since it isn't tied to an
authentication method. You will have to write a module to do this.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
---------------------------------
New Yahoo! Messenger with Voice. Call regular phones from your PC and save big.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060402/ba4961bc/attachment.html>
More information about the Freeradius-Users
mailing list