[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [OATH-Toolkit-help] Is this possible to setup our own token server?
From: |
Simon Josefsson |
Subject: |
Re: [OATH-Toolkit-help] Is this possible to setup our own token server? |
Date: |
Tue, 14 Jun 2011 06:49:26 +0200 |
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/23.2 (gnu/linux) |
Hailu Meng <address@hidden> writes:
> First of all. Thanks Simon for this great tool! I love it.
You are welcome. :-)
> It seems like VMView only support RSA SecurID and Smart Card authentication.
> It doesn't support Radius either.
Ouch. If there is SecurID support, it isn't technically difficult to
extend it to support any OTP variant, including HOTP/TOTP. However,
unless they have some plugin architecture, convincing the produce to do
this may be difficult...
> I'm glad some body already succeeded in integrating radius and oath toolkit.
> That gave me the hope. The "su" application works great with oathtool. But
> when I tried radius --> PAM --> oath toolkit, I used radtest to test radius
> authentication. It never got there. But oath toolkit did update the
> users.oath file with time stamp and other things. I tried radius --> PAM -->
> LDAP and it worked fine.
>
> Is there debug I can turn on to see what's going on with oath toolkit? The
> debug I put in the pam_radiusd for oath didn't give any debug information.
Yes, there is a 'debug' flag to the pam_oath module.
/Simon