Exercising Challenge/Response code path in pam client?
Richard Perrin
rcp at sentientmeat.ca
Fri Sep 23 19:15:48 CEST 2016
On Thu, Sep 22, 2016 at 3:40 PM, Alan DeKok <aland at deployingradius.com> wrote:
> You need an authentication protocol which will do challenge-response. Most won't.
>
> In version 3, you can implement full challenge-response in "unlang".
>
> So... upgrade.
Any pointers on how to do the unlang challenge-response?
I've build and run 3.0.11, and have successful authentication
happening with the following minimalistic config file in
sites-enabled:
server port18121 {
listen {
ipaddr = *
port = 18121
type = auth
}
authorize {
update control {
Cleartext-Password := "radiuspass"
}
pap
}
authenticate {
pap
}
}
Not sure what's simplest to replace pap with in order to generate the
challenges.
- Richard
More information about the Freeradius-Users
mailing list