Hi there,
i am trying to setup a time based one time password with the freeradius. (no
challange response !!)
i have a mobile phone that produces a token.
the token is a md5-hash of a shared-secret and the actual time in ms.
now i want to configure the freeradius server the following way:
the user has to enter his uername and the produced token from the mobile
phone.
this information is sent to the freeradius-server.
the server is connected to a ldap-database and looks up if the user exists.
if the user exists, he gets the shared-secret from the ldap.
now the freeradius has to calculate some tokens (cause time on server and
mobile are not the same). md5 of the shared secret from the user from ldap
and actual time.
after that he has to compare the calculated tokens with the token that was
provided by the user.
on positiv matches the user is authenticated.
Can it be implemented? Is there literature that I need to have a look at?
Is there already a plugin that supports time based one time passwords?
Can anyone help me with setting up this scenario???
best regards
peter urban
_________________________________________________________________
Sie suchen E-Mails, Dokumente oder Fotos? Die neue MSN Suche Toolbar mit
Windows-Desktopsuche liefert in sekundenschnelle Ergebnisse. Jetzt neu!
http://desktop.msn.de/ Jetzt gratis downloaden!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
