Error 2FA - AD password and external OTP via RADIUS proxy
Клеусов Владимир Сергеевич
Kleusov.Vladimir at wildberries.ru
Wed Mar 11 15:31:35 CET 2020
In freeradius logs, this is ldap: Bind credentials incorrect: Invalid credentials): [testuser/testpasswd2217287
First the request for a normal password and then the otp 2217287
What's wrong ?
11 марта 2020 г., в 15:28, L.P.H. van Belle via Freeradius-Users <freeradius-users at lists.freeradius.org<mailto:freeradius-users at lists.freeradius.org>> написал(а):
F2A test, add it to your ssh login and enable it and test it.
Thats easy todo..
Just make sure you 2 ! Extra sessions logged in before you enable it.
If your on debian/ubuntu.
https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-16-04
What is easy todo for a test.
Greetz,
Louis
-----Oorspronkelijk bericht-----
Van: Freeradius-Users
[mailto:freeradius-users-bounces+belle=bazuin.nl at lists.freerad
ius.org<http://ius.org/>] Namens ?????????????? ????????????????
?????????????????? via Freeradius-Users
Verzonden: woensdag 11 maart 2020 13:18
Aan: FreeRadius users mailing list
CC: ?????????????? ???????????????? ??????????????????
Onderwerp: Re: Error 2FA - AD password and external OTP via
RADIUS proxy
Thanks. Bug fixed. Can I configure radtest for a 2fa request
? Now, after radtest testuser testpasswd 10.42.2.36 1812 testing123
Received Access-Challenge Id 160 from 10.42.2.36:1812 to
0.0.0.0:0 length 56
State = 0x575a6b39676f34544332324f584d357a
Reply-Message = "Please enter OTP»
That is I don't understand if 2fa works or not
11 ?????????? 2020 ??., ?? 14:27, Alan DeKok
<aland at deployingradius.com<mailto:aland at deployingradius.com>> ??????????????(??):
On Mar 11, 2020, at 7:21 AM, ??????????????
???????????????? ?????????????????? via Freeradius-Users
<freeradius-users at lists.freeradius.org<mailto:freeradius-users at lists.freeradius.org>> wrote:
I configure at
https://wiki.freeradius.org/guide/2FA-Active-Directory-plus-Pr
oxy But there was an error
/etc/freeradius/3.0/sites-enabled/proxy[2]: Invalid location
for 'if' Any ideas FreeRADIUS Version 3.0.1
Upgrade to 3.0.20. It has many bugs fixed.
And no, you didn't follow that guide. The guide is pretty
clear where the "if" statements go. It gives you filenames.
The server configuration is well documented. You can't
just add random things to random configuration files, and
expect that they do what you want.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list