<div dir="ltr">Hello.<div><br></div><div style>I am new here, and my first message concerns one-time password authentication. I have a problem with installing rlm_smsotp + <a href="http://wiki.freeradius.org/modules/Rlm_smsotp">http://wiki.freeradius.org/modules/Rlm_smsotp</a>. I am always getting an error "/var/run/smsotp_socket No such file or directory". I am sure that smsotp_socket exists and has appropriate permissions (I even tried to run freeradius with root privileges). After some research I conclude that the problem is in the rlm_smsotp module. I can't find any other cause of the problem. Brief information about my system and software versions:</div>
<div style>FreeBSD 9.1</div><div style>FreeRADIUS 2.2.0</div><div style><br></div><div style>log============================================================</div><div style><div>rad_recv: Access-Request packet from host port 1645, id=79, length=64</div>
<div> Framed-Protocol = PPP</div><div> User-Name = "test_user"</div><div> User-Password = "test_pass"</div><div> Service-Type = Framed-User</div><div> NAS-IP-Address =</div>
<div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[auth_log] expand: %{Packet-Src-IP-Address} -></div>
<div>[auth_log] expand: /var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d -> /var/log/radacct/<a href=""></a></div>
<div>[auth_log] /var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radacct/<a href=""></a></div>
<div>[auth_log] expand: %t -> Mon May 13 16:51:36 2013</div><div>++[auth_log] returns ok</div><div>++[smsotp] returns ok</div><div>[suffix] No '@' in User-Name = "test_user", looking up realm NULL</div>
<div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div><div>[sql] expand: %{User-Name} -> test_user</div><div>[sql] sql_set_user escaped user --> 'test_user'</div><div>rlm_sql (sql): Reserving sql socket id: 3</div>
<div>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test_user' ORDER BY id</div>
<div>[sql] User found in radcheck table</div><div>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test_user' ORDER BY id</div>
<div>[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test_user' ORDER BY priority</div>
<div>[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'Everyone' ORDER BY id</div>
<div>[sql] User found in group Everyone</div><div>[sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'Everyone' ORDER BY id</div>
<div>rlm_sql (sql): Released sql socket id: 3</div><div>++[sql] returns ok</div><div>rlm_checkval: Could not find item named Calling-Station-Id in request</div><div>rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs</div>
<div>++[checkval] returns notfound</div><div>++[expiration] returns noop</div><div>++[logintime] returns noop</div><div>Found Auth-Type = smsotp</div><div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group smsotp {...}</div><div>[pap] login attempt with password "test_pass"</div><div>[pap] Using clear text password "test_pass"</div><div>[pap] User authenticated successfully</div><div>
++[pap] returns ok</div><div>rlm_smsotp: smsotp_connect: connect(/var/run/smsotp_socket): No such file or directory</div><div>++[smsotp] returns fail</div><div>Failed to authenticate the user.</div><div>Login incorrect: [test_user/test_pass] (from client DMcore port 0)</div>
<div>Using Post-Auth-Type REJECT</div><div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group REJECT {...}</div><div>[attr_filter.access_reject] expand: %{User-Name} -> test_user</div>
<div>attr_filter: Matched entry DEFAULT at line 11</div><div>++[attr_filter.access_reject] returns updated</div><div>Delaying reject of request 0 for 1 seconds</div><div>Going to the next request</div><div>Waking up in 0.9 seconds.</div>
<div>Sending delayed reject for request 0</div><div>Sending Access-Reject of id 79 to port 1645</div><div>Waking up in 4.9 seconds.</div><div>Cleaning up request 0 ID 79 with timestamp +11</div><div>Ready to process requests.</div>
<div><br></div></div><div style>Can anybody advise me of a simple way of implementing OTP with freeradius2 and daloradius as a frontend? Or maybe there is a solution for rlm_smsotp?</div><div style><br></div><div style><br></div>
<div style>Thank you.</div><div style><br></div><div style><br></div></div>
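<div>An added diagnostic, not part of the original message or of rlm_smsotp: it separates the "No such file or directory" (ENOENT) result that smsotp_connect logs above from the other ways a connect() to a Unix-domain socket path can fail. The function name, the verdict strings and the assumption that the daemon listens on a stream socket are this example's own.</div>

```python
import errno
import os
import socket
import stat
import sys


def probe_unix_socket(path, sock_type=socket.SOCK_STREAM, timeout=2.0):
    """Classify the outcome of connecting to a Unix-domain socket path.

    Returns (verdict, detail). Verdicts: 'ok', 'missing', 'not_socket',
    'no_listener', 'denied', 'error'.
    """
    try:
        st = os.stat(path)
    except FileNotFoundError:
        # ENOENT: the path does not resolve from this process's point of view.
        return "missing", "path does not resolve for this process"
    except PermissionError:
        return "denied", "a parent directory cannot be traversed"
    if not stat.S_ISSOCK(st.st_mode):
        return "not_socket", "path exists but is not a socket"

    # sock_type is an assumption; it must match what the daemon created.
    s = socket.socket(socket.AF_UNIX, sock_type)
    s.settimeout(timeout)
    try:
        s.connect(path)
    except OSError as e:
        if e.errno == errno.ECONNREFUSED:
            # The socket file is present but nothing is accepting on it.
            return "no_listener", "socket file exists, no process is listening"
        if e.errno in (errno.EACCES, errno.EPERM):
            return "denied", "socket permissions refuse this user"
        if e.errno == errno.ENOENT:
            return "missing", "path vanished between stat() and connect()"
        return "error", os.strerror(e.errno or 0)
    finally:
        s.close()
    return "ok", "a listener accepted the connection"


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/var/run/smsotp_socket"
    print(target, *probe_unix_socket(target))
```

<div>Run it under the same account and filesystem root as radiusd so that path resolution and permissions match what the server sees.</div>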