Multiple authentication methods at the same time?

Alan DeKok aland at deployingradius.com
Thu Feb 17 10:14:17 CET 2011


Thomas A. Fine wrote:
> One of the things I love on the Internet (and by love I mean hate) is
> when someone asks a technical question, and they end up with a
> condescending policy answer.

  The answer I read includes a *technical* portion describing exactly
how to do what you want.

> Another option is OTP.  This gives us real two-factor authentication
> (depending on which flavor/implementation we pick).  And a parent
> organization is likely going to mandate this eventually anyway so we
> might as well get started.

  Part of the issue here is that the implementation of security
solutions is limited by the capabilities of the underlying technologies.
 In some cases, the desired solution is simply *impossible* to
implement.  e.g. PEAP with "crypt" Unix passwords.

> So, thank you for attempting to dictate my security policy to me in the
> absence of any information about me.

  No one here has the ability to dictate anything to you.  The purpose
of this list, and your question, was to obtain suggestions and
solutions.  That has happened here, so there is no need to get offended.

  Alan DeKok.



More information about the Freeradius-Users mailing list