On 8 May 2014, at 20:43, Frederic Van Espen <frederic.ve@gmail.com> wrote:
On Thu, May 8, 2014 at 3:28 PM, Frederic Van Espen <frederic.ve@gmail.com> wrote:
Hello Arran,
On Thu, May 8, 2014 at 2:58 PM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
- How are you verifying the OTP's? through PAM or through another module?
How about the rlm_yubikey module, which does both local auth and auth against a yubico server?
As I understood, this one is only available in FreeRADIUS 3.0. I'm currently running 2.1.12 that's included in debian wheezy. If it is not available (yet) for FreeRADIUS 2.1.12, do you think it would be possible/difficult to port it?
I'm currently trying out the one by yubico based on rlm_perl. Only, with the current configuration I'm not sure how the normal password can be verfied to our ldap server.
I figured out how to verify the normal user password, however, the question about the rlm_yubikey module still stands :-)
2.2.x is feature frozen. rlm_yubikey also relies on the connection pool API which is only in 3.0.x which relies on talloc, and other API changes, so the short answer is no to both... But why stick with the OS packages? Just do a make deb and you've rolled your own. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2