Alan DeKok <aland@deployingradius.com> wrote:
[snipped]
2) remove rlm_otp from the "stable" module list. It's not being maintained, and I'm not sure anyone is using it.
This will make life easier for package maintainers, as they can just configure --without-rlm_otp. The result will be a version of the server that can be linked with OpenSSL on Debian-based systems.
Thoughts?
I was thinking of using playing with EAP-GTC and OTP's at some stage, probably more likely EAP-TTLS/OTP or something if such a thing can be put together. Of course 'some stage' is after the 101 other things more pressing I have to do... Users can obviously not be trusted with passwords, SecureW2 with jfreesafe[1] would make for a nice combination. Cheers Alex [1] http://stuff.digriz.org.uk/mobile/jfreesafe.jad -- Alexander Clouter .sigmonster says: Don't say "yes" until I finish talking. -- Darryl F. Zanuck