[rad] Re: Problem with external authentication script
Charles Gregory
cgregory at hwcn.org
Mon Jun 15 21:48:28 CEST 2009
On Mon, 15 Jun 2009, Stefan Kuegler wrote:
>> > exec motp {
>> > wait = yes
>> > program = "/usr/local/bin/otpverify.sh %{User-Name}
>> > %{User-Password} %{reply:Secret} %{reply:PIN} %{reply:Offset}"
>> > input_pairs = request
>> > output_pairs = config
>> > }
Silly thought:
The exec is named 'mopt' with an 'm'.
But your script is 'optverify' with no 'm'.
Just want to be sure that's not a silly typo.... :)
> It seems, that freeradius never uses the "MOTP"-Auth-type:
> auth: type "PAP"
> +- entering group PAP
Not an expert on motp. But should it be mistaken for 'PAP'? Perhaps
you need to put your check for 'motp' in the auth section *before* PAP?
Or remove the reference to PAP altogether if you never use it....?
> Do I need to configure something in the authorize-section or somewhere
> else ??
A line with the single word 'motp', probably just above the 'pap' line,
if tht is causing trouble....
- Charles
More information about the Freeradius-Users
mailing list