Judhi Prasetyo [3/27/2002 4:23 PM -0800]: > Is it possible to check users based on two sets of > password files?
Hello, Sorry for my poor English, maybe I was not so clear about this before. My intention is to build something like two factor authentication but in a very humble way. Usually the authentication factor is only using password. But I want some additional factor which is embeded in the username. The idea is very simple using method similar to Proxy perfix or suffix: user must add certain string before or after their username. Example: judhi.12345 where username = judhi, suffix=12345 We don't care about the password here since we don't want to modify it. In a normal RADIUS proxying, we can specify FreeRADIUS to look for proxy 12345 and strip the proxy name from username. And the proxy 12345 MUST be defined in configuration file BEFORE FreeRADIUS start. But here, I want the FreeRADIUS to: a. open a certain text file contain a userlist, look if there is a line with entry: "judhi.12345" b. if not found, just drop/reject the authentication request. c. if successful, strip the .12345 , then: d. forward the request to other AAA server (or check with local /etc/passwd) for Username: judhi and his original (unmodified) password. The userlist file I mentioned in Step-a above must be opened dynamically not just when we start FreeRADIUS like the way it open the config files. So we can modify the user entries as-and-when it is necessary without have to restart the FreeRADIUS server. Thanks & Regards, Judhi __________________________________________________ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
