Question about Access-Challenge
Udptelecom
udptelecom at gmail.com
Fri Jul 8 14:49:16 CEST 2011
Yes, it works this way. But the requirements are for a two phase authentication.
Sent from my iPhone
On Jul 8, 2011, at 2:11 AM, "Fajar A. Nugraha" <list at fajar.net> wrote:
> On Fri, Jul 8, 2011 at 10:14 AM, Jamshid Abedi <udptelecom at gmail.com> wrote:
>> Hello,
>>
>> I've got Mobile OTP to work with FreeRadius, I'd like to take this one step
>> further and turn this into a two phase process. The objective is to first
>> take the pin, authenticate that and then communicate to the NAS with a
>> challenge to receive the OTP from the user. I think this can be done via an
>> access-challenge reply to the NAS. My question is how do I get FreeNAS to
>> send an Access-Challenge once it has verified the PIN is correct? If anyone
>> can kindly give me some hints or point me in the right direction.
>
> IMHO the simplest way would be just concatenate them together. e.g. if:
> - your pin is 4 digits
> - your OTP is 12 digits
> - you use PAP
>
> then you can ask your users to put the 4 digit pin followed by 12
> digit OTP, so the password will be 16 digits. And since you use PAP,
> you get User-Password attribute in the request which can easly be
> split using unlang/regex into two components, which you can then
> verifiy.
>
> --
> Fajar
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list