forked from infra/ansible
51 lines
1.2 KiB
Plaintext
51 lines
1.2 KiB
Plaintext
# -*- text -*-
|
|
#
|
|
# $Id: 0a339b4a1b9f1eafeb05992f2643497e802e2a49 $
|
|
|
|
# SMS One-time Password system.
|
|
#
|
|
# This module will extend FreeRadius with a socks interface to create and
|
|
# validate One-Time-Passwords. The program for that creates the socket
|
|
# and interacts with this module is not included here.
|
|
#
|
|
# The module does not check the User-Password, this should be done with
|
|
# the "pap" module. See the example below.
|
|
#
|
|
# The module must be used in the "authorize" section to set
|
|
# Auth-Type properly. The first time through, the module is called
|
|
# in the "authenticate" section to authenticate the user password, and
|
|
# to send the challenge. The second time through, it authenticates
|
|
# the response to the challenge. e.g.:
|
|
#
|
|
# authorize {
|
|
# ...
|
|
# smsotp
|
|
# ...
|
|
# }
|
|
#
|
|
# authenticate {
|
|
# ...
|
|
# Auth-Type smsotp {
|
|
# pap
|
|
# smsotp
|
|
# }
|
|
#
|
|
# Auth-Type smsotp-reply {
|
|
# smsotp
|
|
# }
|
|
# ...
|
|
# }
|
|
#
|
|
smsotp {
|
|
# The location of the socket.
|
|
socket = "/var/run/smsotp_socket"
|
|
|
|
# Defines the challenge message that will be send to the
|
|
# NAS. Default is "Enter Mobile PIN" }
|
|
challenge_message = "Enter Mobile PIN:"
|
|
|
|
# Defines the Auth-Type section that is run for the response to
|
|
# the challenge. Default is "smsotp-reply".
|
|
challenge_type = "smsotp-reply"
|
|
}
|