Any One-Time password system.
Nick Owen
owen.nick at gmail.com
Thu May 16 20:43:05 CEST 2013
On Thu, May 16, 2013 at 11:18 AM, Phil Mayers <p.mayers at imperial.ac.uk>wrote:
> On 16/05/13 15:45, Sergii Bieliaievskyi wrote:
>
>>
>>
>>
>> 2013/5/16 Phil Mayers <p.mayers at imperial.ac.uk
>> <mailto:p.mayers at imperial.ac.**uk <p.mayers at imperial.ac.uk>>>
>>
>>
>> No.
>>
>> MPPE requires encryption keys. These can be generated by whatever
>> auth method.
>>
>> If you use plain MSCHAP, MSCHAP generates them.
>>
>>
>> Can you provide more information how can i do that? Or where can i read
>> about that?
>>
>
> I apologise - I misunderstood what you were doing.
>
> If you're using plain MSCHAP for PPTP and want to combine this with OTP,
> it's probably impossible.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
> list/users.html <http://www.freeradius.org/list/users.html>
>
Hmm. I did a test integration with our two-factor authentication server
and poptop: http://www.howtoforge.com/security-issues-and-poptop-pptp. It
worked, but I agree that PPTP is beyond busted. OpenVPN is a much better
choice. It is also super simple to integrate via PAM:
http://www.wikidsystems.com/support/wikid-support-center/how-to/using-wikid-strong-authentication-with-openvpn
.
Those examples use our Enterprise edition which supports radius (via a 3rd
party, licensed module). I would love it if someone would do a freeradius
module using our API: http://www.wikidsystems.com/downloads/network-clients.
We have a python package.
nick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130516/3ce7d2b3/attachment.html>
More information about the Freeradius-Users
mailing list