Best/fastest method to query external radius OTP
Alan DeKok
aland at deployingradius.com
Thu Jun 18 13:10:31 CEST 2020
On Jun 18, 2020, at 4:35 AM, Dominique Wille <dominique.wille at plantformance.com> wrote:
>
> Hello dear users. Could you help ?
> We have a freeradius 3.0.x configuration working
> - Authorization with LDAP
> - Authentication with LDAP, backup to files
>
> Now trying to get validation from OTP provider
>
> Needs to send a radius request with User-Name="myusername",
> User-Password="push" (this one is always "push", not the original pwd). The
> "push" words triggers a push notification on mobile that needs to be
> answered, and then OTP provider radius answers with accept or reject.
>
> I have tried radclient (working in console mode) with exec module, but
> having some issues to move it to rlm_exec module (piping data I think).
Why not just proxy the packet?
You can re-write the password in the "pre-proxy" section. That's what it's for.
Alan DeKok.
More information about the Freeradius-Users
mailing list