Hi,
We are trying to test two-factor authentication using RADIUS server.
Two-Factor Authentication:
* First level authentication using username/password
* Second level authentication using the OTP
RADIUS FLOW:
User NAS RADIUS server
Telnet/SSH to NAS
using Username & --------> ACCESS-REQUEST -----------> Authenticates Username & password
password
Prompt the user
for OTP input <-------------------- <-----------------
ACCESS-CHALLENGE
User enters OTP --------> ACCESS-REQUEST -----------> Authenticates OTP via external OTP verification script
User logs in
successfully <-------------------- <----------------- ACCESS-ACCEPT
Could you please confirm whether this RADIUS flow (two-factor authentication) is feasible using GNU RADIUS server for PAP & CHAP users.
--