Contents of Freeradius-Users digest...Google Authenticator
Alex Perez-Mendez
Alex.Perez-Mendez at jisc.ac.uk
Mon Jan 28 11:12:42 CET 2019
Hi Soklang,
I'm currently working on a very simple TOTP python module that works
fine with Google Authenticator and does does not exposes the drawbacks
that using the PAM method has (such as having to create the actual UNIX
accounts or being forced to use GTC/PAP).
I created it for its use with ABFAB/Moonshot, but it could be used by
anyone. If you are interested, I can make it public (it's not public yet
because I had to time to publish it).
All you need to do is to assign each user you want to use TOTP a
Moonshot-OTP-Secret value, and to put
"moonshot_totp" at the end of the authorize section (either on the
default or the inner-tunnel site).
testuser at test.org Cleartext-Password := "OneTestingPassword",
Moonshot-OTP-Secret := "7MR674BRPXXNYGGMPFA52MW6GSMA6JQL"
Because of how it works, it needs FreeRadius 3.0.18 (soon to be
released) to work, as it makes use of some improvements we made to the
Python module in/out interface.
Best,
Alex
--
Alejandro Perez-Mendez
Technical Specialist (AAA), Trust & Identity
M (+34) 619 333 219
Skype alejandro_perez_mendez
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.
More information about the Freeradius-Users
mailing list