802.1X Radius with Yubikey
Philip Wege
philipw at binobyte.com
Wed Oct 29 10:01:36 CET 2014
Hi All
Has anyone managed to get yubikeys to work with wireless network access using yubikeys ?
I'm trying to get 802.1x to work with yubikeys using freeraduis 3, local user in the users file and the yubikey module. I'm constantly running into the same error which is shown below:
yubikey : No cleartext password in the request. Can't do Yubikey authentication
Default eap type is peap and default eap type under peap is gtc and gtc auth type is pap
I'm testing with a user defined in the users file and I'm trying authorize and authenticate as shown below in the inner tunnel:
Authorize :
eap
if (ok || updated) {
yubikey
files
}
else {
reject ( This is so that if no yubikey is submitted along with password radius should reject the auth * this works in default when authing vpn access under the yubikey authorize * )
}
Authenticate :
Auth-Type PAP {
yubikey
pap
}
I have tried defining a separate auth type like suggested in a previous mailing list post but startup kept on failing with error unknown auth type for eap_gtc yubikey when trying to do this:
Auth-Type yubikey {
yubikey
pap
}
More information about the Freeradius-Users
mailing list