Contents of Freeradius-Users digest...Google Authenticator

Alex Perez-Mendez Alex.Perez-Mendez at
Mon Jan 28 11:12:42 CET 2019

Hi Soklang,

I'm currently working on a very simple TOTP python module that works 
fine with Google Authenticator and does does not exposes the drawbacks 
that using the PAM method has (such as having to create the actual UNIX 
accounts or being forced to use GTC/PAP).

I created it for its use with ABFAB/Moonshot, but it could be used by 
anyone. If you are interested, I can make it public (it's not public yet 
because I had to time to publish it).

All you need to do is to assign each user you want to use TOTP a 
Moonshot-OTP-Secret value, and to put
"moonshot_totp" at the end of the authorize section (either on the 
default or the inner-tunnel site).

testuser at   Cleartext-Password := "OneTestingPassword", 

Because of how it works, it needs FreeRadius 3.0.18 (soon to be 
released) to work, as it makes use of some improvements we made to the 
Python module in/out interface.


Alejandro Perez-Mendez
Technical Specialist (AAA), Trust & Identity
M (+34) 619 333 219
Skype alejandro_perez_mendez

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.  

More information about the Freeradius-Users mailing list