freeradius and yubikeys
Scott Ireland
sireland+freeradius at ualberta.net
Mon May 12 20:52:22 CEST 2014
FWIW, I've had very little trouble getting YubiKeys to work (in OATH-HOTP
mode) with the Google Authenticator PAM through FreeRADIUS. The benefit to
that was that it allowed me to support YubiKeys and the Google
Authenticator app with the same configuration so that users could have one
or the other (YubiKeys are definitely more secure and more universal than
smartphone apps, but there is a cost attached to purchasing and
(re-)programming them).
In my case the FreeRADIUS side of this was pretty easy to configure since
my NAS allowed for a secondary authentication server, so all I really had
to do in FR was deal with the OTP, although later on I also set up a
two-step process using FreeRADIUS for both stages with an Access-Challenge
to drive the OTP authentication.
On Thu, May 8, 2014 at 6:41 AM, Frederic Van Espen <frederic.ve at gmail.com>wrote:
> Hi,
>
> I'm evaluating the use of yubikey OTP's in combination with freeradius
> and I'd like to know if there's people out there who can share the
> experience. In particular:
>
> - In which mode are you using the yubikey?
> - How are you verifying the OTP's? through PAM or through another module?
>
> Thanks for any response,
>
> Frederic
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140512/f02e5d1a/attachment.html>
More information about the Freeradius-Users
mailing list