Question about Access-Challenge
Fajar A. Nugraha
list at fajar.net
Fri Jul 8 08:11:12 CEST 2011
On Fri, Jul 8, 2011 at 10:14 AM, Jamshid Abedi <udptelecom at gmail.com> wrote:
> Hello,
>
> I've got Mobile OTP to work with FreeRadius, I'd like to take this one step
> further and turn this into a two phase process. The objective is to first
> take the pin, authenticate that and then communicate to the NAS with a
> challenge to receive the OTP from the user. I think this can be done via an
> access-challenge reply to the NAS. My question is how do I get FreeNAS to
> send an Access-Challenge once it has verified the PIN is correct? If anyone
> can kindly give me some hints or point me in the right direction.
IMHO the simplest way would be just concatenate them together. e.g. if:
- your pin is 4 digits
- your OTP is 12 digits
- you use PAP
then you can ask your users to put the 4 digit pin followed by 12
digit OTP, so the password will be 16 digits. And since you use PAP,
you get User-Password attribute in the request which can easly be
split using unlang/regex into two components, which you can then
verifiy.
--
Fajar
More information about the Freeradius-Users
mailing list