Best/fastest method to query external radius OTP

Alejandro Perez-Mendez alex.perez-mendez at jisc.ac.uk
Thu Jun 18 11:23:00 CEST 2020 

Never used the exec module, but I guess it's not a shell interpreter, so
pipes won't work.
You could run it as 'sh -c "my_command_with_pipes"'

Cheers,
Alex

El 18/6/20 a las 10:35, Dominique Wille escribió:
> Hello dear users. Could you help ?
> We have a freeradius 3.0.x configuration working
> - Authorization with LDAP
> - Authentication with LDAP, backup to files
>
> Now trying to get validation from OTP provider
>
> Needs to send a radius request with User-Name="myusername",
> User-Password="push" (this one is always "push", not the original pwd). The
> "push" words triggers a push notification on mobile that needs to be
> answered, and then OTP provider radius answers with accept or reject.
>
> I have tried radclient (working in console mode) with exec module, but
> having some issues to move it to rlm_exec module (piping data I think).
>
> So far reached
>
> exec myotp {
>          input_pairs = request
>          wait = yes
>          timeout = 30
>          program = "/bin/echo \"User-Name=$USER_NAME,User-Password=push\" |
> /bin/radclient -r 1 -t 20 xx.xx.xx.xx:1812 auth mysecret"
>          }
> Of course still missing the testing of what the command returns.
>
> But this does not work. Seems piping is not working and I can not push two
> commands there.
> An idea where is the issue ?
>
> Is there a better or fastest way ?
>
> thanks
>
> nash35
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

--
Alejandro Perez-Mendez
Technical Specialist (AAA), Trust & Identity
Skype alejandro_perez_mendez
jisc.ac.uk


Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under company number. 05747339, VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.


Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.


Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company limited by shares which is registered in England under company number 09316933, VAT number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.


For more details on how Jisc handles your data see our privacy notice here: https://www.jisc.ac.uk/website/privacy-notice

More information about the Freeradius-Users mailing list