Hi there Is it somehow possible to store the shared secret in the SQL database in Rcrypt encrypted format and tell radiator to decrypt it whit the given key? I could not find such configuration options in the docs. Could it be done e.g. with a hook?
We are using radiator version 4.27-1 with this config snippet:
---
<AuthBy SQLTOTP>
Identifier SQLauthorizeTOTP
DBSource %{GlobalVar:DB-Source}
DBUsername %{GlobalVar:DB-Username}
DBAuth %{GlobalVar:DB-Auth}
Timeout 1
SQLRetries 3
FailureBackoffTime 180
AuthSelect SELECT base32_decode_to_hex(secret), active, pin, digits,
bad_logins, accessed, last_timestep, algorithm, timestep, timestep_origin from
RADIUS_TOTP_KEYS WHERE username=?
AuthSelectParam %{X-MY-USER}
UpdateQuery UPDATE RADIUS_TOTP_KEYS SET accessed=now(), bad_logins=?,
last_timestep=? WHERE username=?
UpdateQueryParam %0
UpdateQueryParam %2
UpdateQueryParam %{X-MY-USER}
NoDefault
NoEAP
</AuthBy>
---
Best regards,
Tobias
-------------------------------------------------------
ETH Zürich
Tobias Schnurrenberger
ITS Network Applications
OCT G 19
Binzmühlestrasse 130
8092 Zürich
Telefon +41 44 632 45 00
[email protected]
-------------------------------------------------------
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
