Hello Mike, you are right, that a commercial supplier usually want to sell his hardware tokens. And if he can't sell his hardware tokens he even wants to sell his smartphone apps. Yes, licenses per smartphone app in the vendors OTP backend... I though you would stick with otpd, which is rather lightweight. If rlm_otp will be removed I am now suggesting a new solution for you. I am into the development of privacyIDEA, which is an open source project to provide a two factor authentication backend for not only OTP, but also TiQR, SSH keys, x509, (future) Fido U2F... It also provides a perl module to be used with FreeRADIUS rlm_perl, so that you can connect it to the freeradius server. Take a look here http://privacyidea.org and here http://privacyidea.readthedocs.org. But it is not as lightweight as otpd. Kind regards Cornelius Am Mittwoch, den 23.09.2015, 12:39 -0400 schrieb Michael A Hawkins:
Alan said, "There are a number of commercial ones which work. The google authenticator also works."
Commercial means I usually (almost always) can't use my own tokens sourced from my own token supplier. I liked it that otpd allowed me to source tokens from wherever I wanted. All I needed was a supplier with a cost effective token and a supplier willing to supply me with the seeds too. Commercial suppliers usually lock you into their tokens, their servers, their solution or all of the above.
google authenticator doesn't fit in my wallet. I've always believed that the least likely item to be lost or misplaced by a user is their own wallet. Cell phones, not so much. A users wallet contains stuff that is far more important than a cell phone. Cell phones get lost, stolen far more often than wallets.
If rlm_otp is to be removed. Against which module would I rewrite otpd so that it could continue to work with freeradius? From googling, it looks like alot of other otpd solutions out there use a perl module to interact with freeradius. Is that the only way? Is there a better way?
Thanks again,
Mike
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Cornelius Kölbel cornelius.koelbel@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel