On Dec 20, 2019, at 6:53 AM, Anton Kiryushkin <swood@fotofor.biz> wrote:
I want to configure the second authorisation factor with EAP-type, and md5 hashed password saved in MySQL. I found several modules and services like MultiOTP and Smsotp, but I can't understand how to provide the SMS before the authorisation or how to ask FreeRadius to wait for the process sends SMS?
You need to configure a module to send the SMS. How that works depends on how the SMS is sent. And only you know that.
Could you please explain this to me?
What kind of 2 factor auth do you want to do? To be honest, the only thing that's going to work is TTLS + PAP. Since passwords are stored in MD5 format in the DB, nothing else will work. But... if this is for WiFi, users will be *very* unhappy if they have to enter a new OTP every time they switch access points. That's just not going to work. Alan DeKok.