On Tue, Feb 19, 2002 at 11:35:16PM +0100, Daniel Beuchler wrote: > Hi, > does anyone know how to use the freeradius x 9.9 plugin with cryptocard > tokens ? > I think ive got everything up and running smoothly ... and the server is not > my problem ... problems as follows: > > 1) how do i do i get the des key which is used by my token ?
Well, that's the trick, isn't it? ;-) > (i do currently not have a hardware token and a token initializer - > cause i dont want to spend money on test equipment > before being sure its really going to work :) It will work, but you'll need to do one of two things: - Reverse engineer the initializer, then you can program the tokens yourself (with keys that you generate), or - Figure out how cryptoadmin encrypts the keys stored in its database. Cryptoadmin can be downloaded free from www.cryptocard.com. I would suggest taking the second route (involves no cost other than some time and skill), then you'll know you can get the keys. Then buy the initializer and tokens and work on the first part. > Does the token initializer have a display where the key can be seen ? No. > 2) is it possible to use a st1 token for testing ? Absolutely.. > and if YES - how do i extract the DES Key from the .tok File which > is used for initialization ? Or is there another way to initialize a token Dunno. You'll have to reverse engineer that also. > 3) is there a generic x9.9 OTP-Generator available for Win / Palm / Win CE ? > (or a port of the included crcalc.c to palm OS for example ...) There is at least one for the Palm. I'm sorry I don't have any more info. For hardware tokens, another route to take is to buy the PassGo Defender token, it has full docs on how to program it. But it doesn't have a synchronous mode. :-( ActivCard also has full specs, you'd need to license the dev kit from them (it's pretty expensive). /fc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
