Hailu Meng <[email protected]> on Tue, 7 Jun 2011 13:57:51 -0500:
> Hi All,
>
> My plan is to integrate oath toolkit with free radius server. Then we can
> run otp authentication over radius. So any client supporting radius can use
> otp authentication. Like Cisco ASA. We can put Radius server for
> authentication. Freeradius talk to oath-toolkit for otp authentication.
That should be possible...
Just enable pam authentication module, should be something like this
in /etc/raddb/sites-enabled/default (or where ever your distribution places
it):
[...]
authenticate {
[...]
pam
[...]
}
[...]
Then edit /etc/raddb/modules/pam:
pam {
pam_auth = radiusd
}
And make your settings for pam_oath.so in /etc/pam.d/freeradius.
Ok, freeradius is a monster... Probably you need some more settings... But
that's the way to go. Let us know if it works!
--
Schoene Gruesse
Chris
