MSCHAPv2 followed by a smsotp authentication
Thomas Glanzmann
thomas at glanzmann.de
Sat Mar 31 21:45:58 CEST 2012
Hello Alan,
my initial thought that the state may only contain numbers, was wrong.
Now I want to verify that the message authenticator sent by freeradius
is correct, can you please walk me through how to do that?
I also added debugging code to freeradius so that it tells me that it
creates the Authenticator after smsotp was called and the reply type is
set to Access-Challenge. But it needs to be something and the Message
Authenticator is the only thing that I can't currently verify, so I have
the hope that freeradius does calculate it wrong for Access-Challenges
at least when using the rlm_smsotp module. Please advice.
Shared secret between freeradius and client: testing123
PCAP File: http://thomas.glanzmann.de/tmp/freeradius.pcap
And I'm interested how I can verify that the Message Authentictor in the
Access-Challenge is correct.
Btw. do you know of any 'radtest' client which supports
challenge-response?
Cheers,
Thomas
More information about the Freeradius-Users
mailing list