Yubico Forum

FreeRadius external authentication
Page 1 of 1

Author:  quiksilv [ Thu Feb 12, 2009 4:31 am ]
Post subject:  FreeRadius external authentication

Has anyone looked into authenticating FreeRadius clients with an external script instead of a PAM module?

The reason I ask is my VPN server is an OpenBSD box which doesn't support PAM so we should be able to authenticate with a script instead right? I am unsure of the security implications around this though!

Author:  network-marvels [ Thu Feb 12, 2009 12:07 pm ]
Post subject:  Re: FreeRadius external authentication

Right now, there is no Yubico authentication script available. An authentication script can be developed in Perl by referring to the open source Yubico PAM module. Any effort or experience sharing of developing such a script for OTP authentication would be highly appreciated!

Feel free to write back to us in case you have any further queries.

Author:  quiksilv [ Fri Feb 13, 2009 4:44 am ]
Post subject:  Re: FreeRadius external authentication

Thanks, I just looked into it and on second thoughts it looks extremely easy to implement in perl by just passing it to the yubico authentication server and back to radius using the rlm_perl module! I'll be sure to share anything I come up with...!

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group