FreeRadius 2.X & OTP Authentication

  • Hi,

    I try on a sandbox to play with the OTP password. I chose to start with pfSense 2 (2.1.4-RELEASE (amd64)) and FreeRadius package (2.1.12_1/2.2.4 pkg v1.6.7_3).

    I create a new server with few seetings and the OTP configured like that:

    I configure a client to match my pfsense directly and add a radius server in the UserManager of pfsense. At the end, I create a user in freeRadius. Everything works fine if I play with the classic couple username and password but when I activate the OTP settings for my user (I add a init secret key & a pin code) and I try to authenticate myself with my OTP password (given by the DroidOTP Android App), it does not work. I entered the same init secret key in the Android App and type the same pin code.

    I can see that the current date on the radius server and on my phone is exactly the same.

    I don't know what  I'm doing wrong but if someone can give me some tips and help me to sort if out, I will be very grateful.

    Thanks !

  • Hi,

    I kept searching yesterday and I think I maybe find out what's the trouble (but I don't know how to resolve it).

    I try to make the works but I found that the md5 calculated for the right EPOCHTIME is not the same as the one given by the Android Application DroidOTP.

    I also had to comment the line : #EPOCHTIME=chop $EPOCHTIME because I saw that optverify take only the first 9th digits from the current date where the DroidOTP based it calculation with the 10 digits.

    Right now, I clearly don't know what is wrong with the code or my settings.

  • I have the same issue… Don't think there is a miss configuration!
    But i didn't set a password for the user as discribed in docs... :(
    How could you resolve it !??

  • Sorry I can't remind what I've done to make it works. It was a misconfiguration very stupid…  Can you show me your configuration I will tell what's different with mine.

Log in to reply