freeradius using pam_oath doesn't return otp challenge

Phil Mayers p.mayers at
Sun Jun 16 11:46:51 CEST 2013

On 06/15/2013 06:20 PM, Martin Kraus wrote:
> Hi.
> I'd like to have freeradius authenticate users using their password (for
> simplicity I'm using /etc/shadow now) and TOTP through liboath. I was hoping
> to
> use freeradius to centralize this. PAM looked like the easiest way.

rlm_pam only supports plain username/password auth. It doesn't support 
additional prompts, or issuing an Access-Challenge to clients for more info.

There are various ways of doing OTP with FreeRADIUS. Read the docs/wiki 
and sample configs, and search the archives of the list.

More information about the Freeradius-Users mailing list