OpenVPN Mobile-One-Time-Password freeradius2 bug?



  • Environment:

    • 2.1.5-RELEASE (amd64) built on Mon Aug 25 07:44:45 EDT 2014 FreeBSD 8.3-RELEASE-p16

    • freeradius2 2.1.12_1/2.2.5_3 pkg v1.6.10

    BUG
    After setting up two-factor authentication when you save configuration changes openvpn server is lost to authenticate users.

    Testing
    For example add to "Advanced configuration" (Openvpn server) option "keepalive 60 180" and save changes. Try to connect to the server using a two-factor authentication.

    LOG
    /var/log/radius.log
    Wed Nov  2014 : Auth: Login incorrect: [test/0a8280] (from client port 0)
    /var/log/openvpn.log
    Wed Nov  2014 : openvpn: user 'test' could not authenticate.

    MOTP script
    diff otpverify.sh otpverify.sh.back
    1c1
    < #!
    –-

    #!/usr/pbi/freeradius-amd64/bin/bash

    That is lost when you save the settings the first line of the script.

    For himself solved this problem by using "chflags schg /usr/pbi/freeradius-amd64/etc/raddb/scripts/otpverify.sh".