Victor Guk <v.guk@zaz.zp.ua> wrote:
Can you please tell whether it is possible to configure FreeRADIUS to authenticate users on the "S/KEY One-Time Password System", which is described in RFC 1760 (http://tools.ietf.org/html/rfc1760).
You should be looking at RFC 2289[1] and also RFC 2243[2]. With FreeRADIUS I successfully got working: * 802.1X - both wpa_supplicant and SecureW2 * mod_auth_radius (via PAM) - both shell login and Apache basic auth To get it working, involves a trivial patch to rlm_eap_gtc (that Alan /dev/null'd) and a Perl script that runs via rlm_perl. It reads currently from an opiekeys compatible file, but my long term plan was to add LDAP/SQL backend support (as well as RFC2243 support). I also did some ground work so that you could get users to self-service prime their own MIDP JavaME enable mobile phone, via a web page or via SMS WAP Push message... Motivation dried up with Alan not applying my patch (grrr) and me not seeing to be too much interest in an opensource OTP solution for the UK university sector...*sigh*. I've put it on the back burner, but now with JavaME's future looking dodgy too... :-/ Code dump is available upon request, to anyone, it's all GPL. Cheers [1] http://tools.ietf.org/html/rfc2289 [2] http://tools.ietf.org/html/rfc2243 -- Alexander Clouter .sigmonster says: Without fools there would be no wisdom.