Yubico Forum ...visit our web-store at 2012-05-16T06:48:52+01:00 https://forum.yubico.com/feed.php?f=5&t=787 2012-05-16T06:48:52+01:00 2012-05-16T06:48:52+01:00 https://forum.yubico.com/viewtopic.php?t=787&p=3097#p3097 <![CDATA[Re: YubiRADIUS]]>
i have written a blog post detailing how I modified ropverify.php to only require the OTP for YubiRadius validation.

http://blog.metasplo.it/2012/05/modifyi ... icate.html

Statistics: Posted by james trevaskis — Wed May 16, 2012 6:48 am

]]> 2012-05-15T08:26:55+01:00 2012-05-15T08:26:55+01:00 https://forum.yubico.com/viewtopic.php?t=787&p=3093#p3093 <![CDATA[Re: YubiRADIUS]]>
I have both a VPN/citrix cag that I would like to use yubikey as a 2nd factor of authentication and to ensure single sign on I can't combine the password/otp together

Is there any way for the yubi radius to only authentication on the OTP?

Statistics: Posted by james trevaskis — Tue May 15, 2012 8:26 am

]]> 2012-04-23T11:26:25+01:00 2012-04-23T11:26:25+01:00 https://forum.yubico.com/viewtopic.php?t=787&p=3018#p3018 <![CDATA[Re: YubiRADIUS]]>
We would encourage you to contact Yubico at support@yubico.com so that we together can test out any options and once we have a working configuration we can post the result back to the forum.

Thanks!
Samir.

Statistics: Posted by samir — Mon Apr 23, 2012 11:26 am

]]> 2012-04-20T08:23:48+01:00 2012-04-20T08:23:48+01:00 https://forum.yubico.com/viewtopic.php?t=787&p=3013#p3013 <![CDATA[YubiRADIUS]]> It really helped in configuring the basic stuff.

I do however have a question for you guys.
Currently the Radius server can be configured to append OTP to either a username or a password.
This is quite easy, but sometimes i need passthrough authentication and if i have a password+otp that seems not to work.

For example:
I have setup a Citrix CAG VPX 5.0.4 to work with name + password, offcourse this work fine.
After logging in i get "forwarded" to the webinterface internally that handles the previous authentication by SSO.

if i configure the CAG to authenticate with radius i can enter name+password+otp, but after that the passthrough authentication does not work.
i can however setup the cag to ask for name+password and radius, but then i have to enter the password twice.

So the question is, can the Radius server be configured to handle OTP only ? And if yes how ?

Regards,

Arjan

Statistics: Posted by R2ArjanB — Fri Apr 20, 2012 8:23 am

]]>